Vulnerability CVE-2006-5701


Published: 2006-11-03   Modified: 2012-02-12

Description:
Double free vulnerability in squashfs module in the Linux kernel 2.6.x, as used in Fedora Core 5 and possibly other distributions, allows local users to cause a denial of service by mounting a crafted squashfs filesystem.

Vendor: Redhat
Product: Fedora core 
Version: core_5.0;
Vendor: Linux
Product: Linux kernel 
Version:
2.6_test9_cvs
2.6.9
2.6.8
2.6.7
2.6.6
2.6.5
2.6.4
2.6.3
2.6.2
2.6.19
2.6.18.1
2.6.18
2.6.17.8
2.6.17.7
2.6.17.6
2.6.17.5
2.6.17.3
2.6.17.14
2.6.17.13
2.6.17.12
2.6.17.11
2.6.17.10
2.6.17.1
2.6.17
2.6.16.9
2.6.16.7
2.6.16.27
2.6.16.23
2.6.16.19
2.6.16.13
2.6.16.12
2.6.16.11
2.6.16.1
2.6.16
2.6.15.5
2.6.15.4
2.6.15.3
2.6.15.2
2.6.15.1
2.6.15
2.6.14.5
2.6.14.4
2.6.14.3
2.6.14.2
2.6.14.1
2.6.14
2.6.13.4
2.6.13.3
2.6.13.2
2.6.13.1
2.6.13
2.6.12.6
2.6.12.5
2.6.12.4
2.6.12.3
2.6.12.2
2.6.12.1
2.6.12
2.6.11.8
2.6.11.7
2.6.11.6
2.6.11.5
2.6.11.4
2.6.11.12
2.6.11.11
2.6.11
2.6.10
2.6.1
2.6.0

CVSS2 => (AV:L/AC:L/Au:N/C:N/I:N/A:C)

CVSS Base Score: 4.9/10
Impact Subscore: 6.9/10
Exploitability Subscore: 3.9/10
Exploit range: Local
Attack complexity: Low
Authentication: Not required
Confidentiality impact: None
Integrity impact: None
Availability impact: Complete

 References:
http://xforce.iss.net/xforce/xfdb/29967
http://www.securityfocus.com/bid/20870
http://secunia.com/advisories/22655
http://projects.info-pull.com/mokb/MOKB-02-11-2006.html
http://www.ubuntu.com/usn/usn-395-1
http://www.mandriva.com/security/advisories?name=MDKSA-2007:047
http://secunia.com/advisories/24259
http://secunia.com/advisories/23384
http://secunia.com/advisories/23361

Related CVE
CVE-2019-10639
The Linux kernel 4.x (starting from 4.1) and 5.x before 5.0.8 allows Information Exposure (partial kernel address disclosure), leading to a KASLR bypass. Specifically, it is possible to extract the KASLR kernel image offset using the IP ID values the...
CVE-2019-10638
In the Linux kernel before 5.1.7, a device can be tracked by an attacker using the IP ID values the kernel produces for connection-less protocols (e.g., UDP and ICMP). When such traffic is sent to multiple destination IP addresses, it is possible to ...
CVE-2019-13233
In arch/x86/lib/insn-eval.c in the Linux kernel before 5.1.9, there is a use-after-free for access to an LDT entry because of a race condition between modify_ldt() and a #BR exception for an MPX bounds violation.
CVE-2019-12984
A NULL pointer dereference vulnerability in the function nfc_genl_deactivate_target() in net/nfc/netlink.c in the Linux kernel before 5.1.13 can be triggered by a malicious user-mode program that omits certain NFC attributes, leading to denial of ser...
CVE-2019-12817
arch/powerpc/mm/mmu_context_book3s64.c in the Linux kernel before 5.1.15 for powerpc has a bug where unrelated processes may be able to read/write to one another's virtual memory under certain conditions via an mmap above 512 TB. Only a subset of pow...
CVE-2019-3896
A double-free can happen in idr_remove_all() in lib/idr.c in the Linux kernel 2.6 branch. An unprivileged local attacker can use this flaw for a privilege escalation or for a system crash and a denial of service (DoS).
CVE-2019-11479
Jonathan Looney discovered that the Linux kernel default MSS is hard-coded to 48 bytes. This allows a remote peer to fragment TCP resend queues significantly more than if a larger MSS were enforced. A remote attacker could use this to cause a denial ...
CVE-2019-11478
Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. A remote attacker could use this to cause a denia...

Copyright 2019, cxsecurity.com

 
