PT-2006-3052 · Linux+1 · Linux Kernel+1
Marcel Holtmann
·
Publicado
2006-04-27
·
Atualizado
2018-10-18
·
CVE-2006-2071
CVSS v2.0
2.1
Baixa
| Vetor | AV:L/AC:L/Au:N/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
Linux kernel versions 2.4.x and 2.6.x up to 2.6.16
Description
The issue allows local users to bypass IPC permissions and modify a readonly attachment of shared memory. This is achieved by using
mprotect to give write permission to the attachment.Recommendations
For Linux kernel versions 2.4.x and 2.6.x up to 2.6.16, consider restricting the use of
mprotect to minimize the risk of exploitation.
At the moment, there is no information about a newer version that contains a fix for this vulnerability. Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Linux Kernel
Red Hat