Out-of-bounds read in Linux kernel
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2006-5174 |
| CWE-ID | CWE-125 |
| Exploitation vector | Local |
| Public exploit | N/A |
| Vulnerable software |
Linux kernel Operating systems & Components / Operating system |
| Vendor | Linux Foundation |
Security Bulletin
This security bulletin contains one low risk vulnerability.
1) Out-of-bounds read
EUVDB-ID: #VU95578
Risk: Low
CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2006-5174
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
The copy_from_user function in the uaccess code in Linux kernel 2.6 before 2.6.19-rc1, when running on s390, does not properly clear a kernel buffer, which allows local user space programs to read portions of kernel memory by 'appending to a file from a bad address,' which triggers a fault that prevents the unused memory from being cleared in the kernel buffer. This vulnerability is addressed in the following product update: Linux, Linux kernel, 2.6.19 rc1
MitigationInstall update from vendor's repository.
Vulnerable software versionsLinux kernel: All versions
CPE2.3 External linkshttp://lkml.org/lkml/2006/11/5/46
http://rhn.redhat.com/errata/RHSA-2007-0014.html
http://secunia.com/advisories/22289
http://secunia.com/advisories/22497
http://secunia.com/advisories/23064
http://secunia.com/advisories/23370
http://secunia.com/advisories/23395
http://secunia.com/advisories/23474
http://secunia.com/advisories/23997
http://secunia.com/advisories/24206
http://securitytracker.com/id?1017090
http://support.avaya.com/elmodocs2/security/ASA-2006-254.htm
http://support.avaya.com/elmodocs2/security/ASA-2007-063.htm
http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=52149ba6b0ddf3e9d965257cc0513193650b3ea8
http://www.novell.com/linux/security/advisories/2006_79_kernel.html
http://www.redhat.com/support/errata/RHSA-2006-0710.html
http://www.securityfocus.com/bid/20379
http://www.us.debian.org/security/2006/dsa-1233
http://www.us.debian.org/security/2006/dsa-1237
http://www.vupen.com/english/advisories/2006/3938
http://exchange.xforce.ibmcloud.com/vulnerabilities/29378
http://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9885
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
