Back to search
CVE-2006-1524
Published: Apr 19, 2006
Modified: Aug 7, 2024
PUBLISHED
Description
madvise_remove in Linux kernel 2.6.16 up to 2.6.16.6 does not follow file and mmap restrictions, which allows local users to bypass IPC permissions and replace portions of readonly tmpfs files with zeroes, aka the MADV_REMOVE vulnerability. NOTE: this description was originally written in a way that combined two separate issues. The mprotect issue now has a separate name, CVE-2006-2071.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
linux-madvise-security-bypass(25870)
vdb-entry
x_refsource_XF
19735
third-party-advisory
x_refsource_SECUNIA
ADV-2006-2554
vdb-entry
x_refsource_VUPEN
ADV-2006-1391
vdb-entry
x_refsource_VUPEN
19664
third-party-advisory
x_refsource_SECUNIA
FEDORA-2006-423
vendor-advisory
x_refsource_FEDORA
DSA-1097
vendor-advisory
x_refsource_DEBIAN
SUSE-SA:2006:028
vendor-advisory
x_refsource_SUSE
DSA-1103
vendor-advisory
x_refsource_DEBIAN
24714
vdb-entry
x_refsource_OSVDB
17587
vdb-entry
x_refsource_BID
ADV-2006-1475
vdb-entry
x_refsource_VUPEN
20398
third-party-advisory
x_refsource_SECUNIA
http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.6
x_refsource_CONFIRM
19657
third-party-advisory
x_refsource_SECUNIA
20671
third-party-advisory
x_refsource_SECUNIA
20914
third-party-advisory
x_refsource_SECUNIA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now