CVE-2006-1056
https://notcve.org/view.php?id=CVE-2006-1056
The Linux kernel before 2.6.16.9 and the FreeBSD kernel, when running on AMD64 and other 7th and 8th generation AuthenticAMD processors, only save/restore the FOP, FIP, and FDP x87 registers in FXSAVE/FXRSTOR when an exception is pending, which allows one process to determine portions of the state of floating point instructions of other processes, which can be leveraged to obtain sensitive information such as cryptographic keys. NOTE: this is the documented behavior of AMD64 processors, but it is inconsistent with Intel processors in a security-relevant fashion that was not addressed by the kernels.
• ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:14.fpu.asc
• http://kb.vmware.com/kb/2533126
• http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.9
• http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html
• http://lwn.net/Alerts/180820
• http://marc.info/?l=linux-kernel&m=114548768214478&w=2
• http://secunia.com/advisories/19715
• http://secunia.com/advisories/19724
• http://secunia.com/advisories/19735
• http://secunia.com/advisories&
• CWE-310: Cryptographic Issues
CVE-2006-1524
https://notcve.org/view.php?id=CVE-2006-1524
madvise_remove in Linux kernel 2.6.16 up to 2.6.16.6 does not follow file and mmap restrictions, which allows local users to bypass IPC permissions and replace portions of readonly tmpfs files with zeroes, aka the MADV_REMOVE vulnerability. NOTE: this description was originally written in a way that combined two separate issues. The mprotect issue now has a separate name, CVE-2006-2071.
• http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.6
• http://lwn.net/Alerts/180820
• http://secunia.com/advisories/19657
• http://secunia.com/advisories/19664
• http://secunia.com/advisories/19735
• http://secunia.com/advisories/20398
• http://secunia.com/advisories/20671
• http://secunia.com/advisories/20914
• http://www.debian.org/security/2006/dsa-1097
• http://www.debian.org/security/2006/dsa-1103
• http://www.novell.com/linux/security/advisories/2006-05-31.html
• htt
• CWE-264: Permissions, Privileges, and Access Controls
CVE-2006-1525
https://notcve.org/view.php?id=CVE-2006-1525
ip_route_input in Linux kernel 2.6 before 2.6.16.8 allows local users to cause a denial of service (panic) via a request for a route for a multicast IP address, which triggers a null dereference.
• http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.8
• http://lwn.net/Alerts/180820
• http://secunia.com/advisories/19709
• http://secunia.com/advisories/19735
• http://secunia.com/advisories/19955
• http://secunia.com/advisories/20157
• http://secunia.com/advisories/20237
• http://secunia.com/advisories/20398
• http://secunia.com/advisories/20671
• http://secunia.com/advisories/20914
• http://secunia.com/advisories/21476
• http://secunia.com/advisories/21745
• http://support.
• CWE-399: Resource Management Errors
CVE-2006-0744
https://notcve.org/view.php?id=CVE-2006-0744
Linux kernel before 2.6.16.5 does not properly handle uncanonical return addresses on Intel EM64T CPUs, which reports an exception in the SYSRET instead of the next instruction, which causes the kernel exception handler to run on the user stack with the wrong GS.
• http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.5
• http://lwn.net/Alerts/180820
• http://secunia.com/advisories/19639
• http://secunia.com/advisories/19735
• http://secunia.com/advisories/20157
• http://secunia.com/advisories/20237
• http://secunia.com/advisories/20398
• http://secunia.com/advisories/20716
• http://secunia.com/advisories/20914
• http://secunia.com/advisories/21136
• http://secunia.com/advisories/21179
• http://secunia.com/advisories/21498
• http://secunia.
• CWE-20: Improper Input Validation
CVE-2006-0558 – ia64 crash
https://notcve.org/view.php?id=CVE-2006-0558
perfmon (perfmon.c) in Linux kernel on IA64 architectures allows local users to cause a denial of service (crash) by interrupting a task while another process is accessing the mm_struct, which triggers a BUG_ON action in the put_page_testzero function.
• http://marc.info/?l=linux-ia64&m=113882384921688
• http://secunia.com/advisories/19737
• http://secunia.com/advisories/20914
• http://secunia.com/advisories/26709
• http://www.debian.org/security/2006/dsa-1103
• http://www.redhat.com/support/errata/RHSA-2007-0774.html
• http://www.securityfocus.com/bid/17482
• http://www.vupen.com/english/advisories/2006/1444
• http://www.vupen.com/english/advisories/2006/2554
• https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=185082
• https://