SecPod SCAP Repo, a repository of SCAP Content (CVE, CCE, CPE, CWE, OVAL and XCCDF)

[Forgot Password]

Paid content will be excluded from the download.

Download | Alert*

CVE

CVE-2006-0557

Date: (C)2006-03-12 (M)2023-12-22

sys_mbind in mempolicy.c in Linux kernel 2.6.16 and earlier does not sanity check the maxnod variable before making certain computations for the get_nodes function, which has unknown impact and attack vectors.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 4.9
Exploit Score: 3.9
Impact Score: 6.9

CVSS V2 Metrics:
Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality: NONE
Integrity: NONE
Availability: COMPLETE

Reference:

SUSE-SA:2006:028

http://lkml.org/lkml/2006/2/27/355

http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=636f13c174dd7c84a437d3c3e8fa66f03f7fda63

http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=636f13c174dd7c84a437d3c3e8fa66f03f7fda63

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=184510

linux-get-nodes-dos(25204)

oval:org.mitre.oval:def:9674

CPE 124

cpe:/o:linux:linux_kernel:2.6.15:rc1
cpe:/o:linux:linux_kernel:2.6.15
cpe:/o:linux:linux_kernel:2.6.15:rc2
cpe:/o:linux:linux_kernel:2.6.14
...

© SecPod Technologies