[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248038

 
 

909

 
 

194772

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2006-0744Date: (C)2006-04-18   (M)2023-12-22


Linux kernel before 2.6.16.5 does not properly handle uncanonical return addresses on Intel EM64T CPUs, which reports an exception in the SYSRET instead of the next instruction, which causes the kernel exception handler to run on the user stack with the wrong GS.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 4.9
Exploit Score: 3.9
Impact Score: 6.9
 
CVSS V2 Metrics:
Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality: NONE
Integrity: NONE
Availability: COMPLETE
  
Reference:
BID-17541
SECUNIA-19639
SECUNIA-19735
SECUNIA-20157
SECUNIA-20237
SECUNIA-20398
SECUNIA-20716
SECUNIA-20914
SECUNIA-21136
SECUNIA-21179
SECUNIA-21498
SECUNIA-21745
SECUNIA-21983
OSVDB-24639
ADV-2006-1390
ADV-2006-1475
ADV-2006-2554
DSA-1103
FEDORA-2006-423
MDKSA-2006:086
MDKSA-2006:150
RHSA-2006:0437
RHSA-2006:0493
SUSE-SA:2006:028
SUSE-SA:2006:042
SUSE-SA:2006:047
USN-302-1
http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.5
http://support.avaya.com/elmodocs2/security/ASA-2006-161.htm
http://support.avaya.com/elmodocs2/security/ASA-2006-180.htm
linux-uncanonical-addr-dos(25869)
oval:org.mitre.oval:def:9732

CPE    135
cpe:/o:linux:linux_kernel:2.6.16
cpe:/o:linux:linux_kernel:2.6.15:rc1
cpe:/o:linux:linux_kernel:2.6.15
cpe:/o:linux:linux_kernel:2.6.14
...
CWE    1
CWE-20

© SecPod Technologies