Vulnerability CVE-2006-3635
Published: 2017-08-06   Modified: 2017-08-07

Description:
The ia64 subsystem in the Linux kernel before 2.6.26 allows local users to cause a denial of service (stack consumption and system crash) via a crafted application that leverages the mishandling of invalid Register Stack Engine (RSE) state.

CVSS2 => (AV:L/AC:L/Au:N/C:N/I:N/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
4.9/10
6.9/10
3.9/10
Exploit range
Attack complexity
Authentication
Local
Low
No required
Confidentiality impact
Integrity impact
Availability impact
None
None
Complete
Affected software
Linux -> Linux kernel 

 References:
http://ftp.naist.jp/pub/linux/kernel/v2.6/ChangeLog-2.6.26
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4dcc29e1574d88f4465ba865ed82800032f76418
https://bugzilla.suse.com/show_bug.cgi?id=199440
https://github.com/torvalds/linux/commit/4dcc29e1574d88f4465ba865ed82800032f76418
Copyright 2024, cxsecurity.com

 

Back to Top