Main Vulnerability Database SB2006112205

SB2006112205 - Null pointer dereference in Linux kernel

Published: November 22, 2006

Security Bulletin ID SB2006112205

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Local access

Highest impact Denial of service

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Null pointer dereference (CVE-ID: CVE-2006-6057)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The Linux kernel 2.6.x up to 2.6.18, and possibly other versions, on Fedora Core 6 and possibly other operating systems, allows local users to cause a denial of service (crash) via a malformed gfs2 file stream that triggers a NULL pointer dereference in the init_journal function.

Remediation

Install update from vendor's website.

References

http://projects.info-pull.com/mokb/MOKB-15-11-2006.html
http://secunia.com/advisories/22886
http://secunia.com/advisories/24098
http://www.ubuntu.com/usn/usn-416-1
http://www.vupen.com/english/advisories/2006/4556
https://exchange.xforce.ibmcloud.com/vulnerabilities/30307