CVSS: 3.6EPSS: 0%CPEs: 7EXPL: 0CVE-2006-1524
https://notcve.org/view.php?id=CVE-2006-1524
madvise_remove in Linux kernel 2.6.16 up to 2.6.16.6 does not follow file and mmap restrictions, which allows local users to bypass IPC permissions and replace portions of readonly tmpfs files with zeroes, aka the MADV_REMOVE vulnerability. NOTE: this description was originally written in a way that combined two separate issues. The mprotect issue now has a separate name, CVE-2006-2071. • http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.6 http://lwn.net/Alerts/180820 http://secunia.com/advisories/19657 http://secunia.com/advisories/19664 http://secunia.com/advisories/19735 http://secunia.com/advisories/20398 http://secunia.com/advisories/20671 http://secunia.com/advisories/20914 http://www.debian.org/security/2006/dsa-1097 http://www.debian.org/security/2006/dsa-1103 http://www.novell.com/linux/security/advisories/2006-05-31.html htt • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 4.9EPSS: 0%CPEs: 138EXPL: 0CVE-2006-0744
https://notcve.org/view.php?id=CVE-2006-0744
Linux kernel before 2.6.16.5 does not properly handle uncanonical return addresses on Intel EM64T CPUs, which reports an exception in the SYSRET instead of the next instruction, which causes the kernel exception handler to run on the user stack with the wrong GS. • http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.5 http://lwn.net/Alerts/180820 http://secunia.com/advisories/19639 http://secunia.com/advisories/19735 http://secunia.com/advisories/20157 http://secunia.com/advisories/20237 http://secunia.com/advisories/20398 http://secunia.com/advisories/20716 http://secunia.com/advisories/20914 http://secunia.com/advisories/21136 http://secunia.com/advisories/21179 http://secunia.com/advisories/21498 http://secunia. • CWE-20: Improper Input Validation •
CVSS: 4.9EPSS: 0%CPEs: 80EXPL: 0CVE-2006-0558 – ia64 crash
https://notcve.org/view.php?id=CVE-2006-0558
perfmon (perfmon.c) in Linux kernel on IA64 architectures allows local users to cause a denial of service (crash) by interrupting a task while another process is accessing the mm_struct, which triggers a BUG_ON action in the put_page_testzero function. perfmon (perfmon.c) en kernel de Linux en arquitecturas IA64 permiten a usuarios locales provocar una denegación de servicio (caída) mediante la interrupción de una tarea mientras otro proceso está accediendo al mm_struct, lo que desencadena una acción BUG_ON en la función put_page_testzero. • http://marc.info/?l=linux-ia64&m=113882384921688 http://secunia.com/advisories/19737 http://secunia.com/advisories/20914 http://secunia.com/advisories/26709 http://www.debian.org/security/2006/dsa-1103 http://www.redhat.com/support/errata/RHSA-2007-0774.html http://www.securityfocus.com/bid/17482 http://www.vupen.com/english/advisories/2006/1444 http://www.vupen.com/english/advisories/2006/2554 https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=185082 https:// •
CVSS: 10.0EPSS: 1%CPEs: 1EXPL: 0CVE-2006-1523
https://notcve.org/view.php?id=CVE-2006-1523
The __group_complete_signal function in the RCU signal handling (signal.c) in Linux kernel 2.6.16, and possibly other versions, has unknown impact and attack vectors related to improper use of BUG_ON. La función __group_complete_signal en el manejo de señales RCU (signal.c) en el kernel de Linux 2.6.16 y posiblemente otras versiones, tienen vectores de impacto y ataque desconocidos relacionados con el uso incorrecto de BUG_ON. • http://marc.info/?l=linux-kernel&m=114476543426600&w=2 http://secunia.com/advisories/20398 http://secunia.com/advisories/20914 http://www.debian.org/security/2006/dsa-1103 http://www.novell.com/linux/security/advisories/2006-05-31.html http://www.securityfocus.com/bid/17640 http://www.vupen.com/english/advisories/2006/2554 https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=188604 •
CVSS: 4.9EPSS: 0%CPEs: 2EXPL: 0CVE-2006-1522
https://notcve.org/view.php?id=CVE-2006-1522
The sys_add_key function in the keyring code in Linux kernel 2.6.16.1 and 2.6.17-rc1, and possibly earlier versions, allows local users to cause a denial of service (OOPS) via keyctl requests that add a key to a user key instead of a keyring key, which causes an invalid dereference in the __keyring_search_one function. • http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.3 http://lwn.net/Alerts/180820 http://secunia.com/advisories/19573 http://secunia.com/advisories/19735 http://secunia.com/advisories/20157 http://secunia.com/advisories/20237 http://secunia.com/advisories/20716 http://secunia.com/advisories/21745 http://support.avaya.com/elmodocs2/security/ASA-2006-161.htm http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c3a9d6541f84ac3ff56 • CWE-20: Improper Input Validation •