CVE-2006-3626
Vulnerability from cvelistv5
Published
2006-07-15 01:06
Modified
2024-08-07 18:39
Severity ?
Summary
Race condition in Linux kernel 2.6.17.4 and earlier allows local users to gain root privileges by using prctl with PR_SET_DUMPABLE in a way that causes /proc/self/environ to become setuid root.
References
cve@mitre.orghttp://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.17.5
cve@mitre.orghttp://lists.grok.org.uk/pipermail/full-disclosure/2006-July/047907.html
cve@mitre.orghttp://secunia.com/advisories/21041
cve@mitre.orghttp://secunia.com/advisories/21057
cve@mitre.orghttp://secunia.com/advisories/21073
cve@mitre.orghttp://secunia.com/advisories/21119
cve@mitre.orghttp://secunia.com/advisories/21123
cve@mitre.orghttp://secunia.com/advisories/21179
cve@mitre.orghttp://secunia.com/advisories/21498
cve@mitre.orghttp://secunia.com/advisories/21605
cve@mitre.orghttp://secunia.com/advisories/22174
cve@mitre.orghttp://support.avaya.com/elmodocs2/security/ASA-2006-203.htm
cve@mitre.orghttp://www.debian.org/security/2006/dsa-1111
cve@mitre.orghttp://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=blobdiff%3Bh=0cb8f20d000c25118947fcafa81606300ced35f8%3Bhp=243a94af0427b2630fb85f489a5419410dac3bfc%3Bhb=18b0bbd8ca6d3cb90425aa0d77b99a762c6d6de3%3Bf=fs/proc/base.c
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDKSA-2006:124
cve@mitre.orghttp://www.novell.com/linux/security/advisories/2006_17_sr.html
cve@mitre.orghttp://www.novell.com/linux/security/advisories/2006_42_kernel.html
cve@mitre.orghttp://www.novell.com/linux/security/advisories/2006_47_kernel.html
cve@mitre.orghttp://www.novell.com/linux/security/advisories/2006_49_kernel.html
cve@mitre.orghttp://www.osvdb.org/27120
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2006-0617.html
cve@mitre.orghttp://www.securityfocus.com/archive/1/440300/100/0/threaded
cve@mitre.orghttp://www.securityfocus.com/bid/18992
cve@mitre.orghttp://www.ubuntu.com/usn/usn-319-2
cve@mitre.orghttp://www.vupen.com/english/advisories/2006/2816
cve@mitre.orghttps://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=198973
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/27790
cve@mitre.orghttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10060
cve@mitre.orghttps://usn.ubuntu.com/319-1/
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T18:39:53.486Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "linux-proc-race-condition(27790)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27790"
          },
          {
            "name": "ADV-2006-2816",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/2816"
          },
          {
            "name": "SUSE-SR:2006:017",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2006_17_sr.html"
          },
          {
            "name": "SUSE-SA:2006:042",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2006_42_kernel.html"
          },
          {
            "name": "21123",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21123"
          },
          {
            "name": "RHSA-2006:0617",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2006-0617.html"
          },
          {
            "name": "21057",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21057"
          },
          {
            "name": "oval:org.mitre.oval:def:10060",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10060"
          },
          {
            "name": "21605",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21605"
          },
          {
            "name": "SUSE-SA:2006:047",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2006_47_kernel.html"
          },
          {
            "name": "21073",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21073"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.17.5"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=blobdiff%3Bh=0cb8f20d000c25118947fcafa81606300ced35f8%3Bhp=243a94af0427b2630fb85f489a5419410dac3bfc%3Bhb=18b0bbd8ca6d3cb90425aa0d77b99a762c6d6de3%3Bf=fs/proc/base.c"
          },
          {
            "name": "22174",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/22174"
          },
          {
            "name": "27120",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/27120"
          },
          {
            "name": "MDKSA-2006:124",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:124"
          },
          {
            "name": "20060714 Linux kernel 0day - dynamite inside, don\u0027t burn your fingers",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/047907.html"
          },
          {
            "name": "USN-319-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/319-1/"
          },
          {
            "name": "DSA-1111",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-1111"
          },
          {
            "name": "21498",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21498"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-203.htm"
          },
          {
            "name": "21041",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21041"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=198973"
          },
          {
            "name": "18992",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/18992"
          },
          {
            "name": "USN-319-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/usn-319-2"
          },
          {
            "name": "21119",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21119"
          },
          {
            "name": "SUSE-SA:2006:049",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2006_49_kernel.html"
          },
          {
            "name": "20060717 rPSA-2006-0130-1 kernel",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/440300/100/0/threaded"
          },
          {
            "name": "21179",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21179"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-07-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Race condition in Linux kernel 2.6.17.4 and earlier allows local users to gain root privileges by using prctl with PR_SET_DUMPABLE in a way that causes /proc/self/environ to become setuid root."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-18T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "linux-proc-race-condition(27790)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27790"
        },
        {
          "name": "ADV-2006-2816",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/2816"
        },
        {
          "name": "SUSE-SR:2006:017",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2006_17_sr.html"
        },
        {
          "name": "SUSE-SA:2006:042",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2006_42_kernel.html"
        },
        {
          "name": "21123",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21123"
        },
        {
          "name": "RHSA-2006:0617",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2006-0617.html"
        },
        {
          "name": "21057",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21057"
        },
        {
          "name": "oval:org.mitre.oval:def:10060",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10060"
        },
        {
          "name": "21605",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21605"
        },
        {
          "name": "SUSE-SA:2006:047",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2006_47_kernel.html"
        },
        {
          "name": "21073",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21073"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.17.5"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=blobdiff%3Bh=0cb8f20d000c25118947fcafa81606300ced35f8%3Bhp=243a94af0427b2630fb85f489a5419410dac3bfc%3Bhb=18b0bbd8ca6d3cb90425aa0d77b99a762c6d6de3%3Bf=fs/proc/base.c"
        },
        {
          "name": "22174",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/22174"
        },
        {
          "name": "27120",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/27120"
        },
        {
          "name": "MDKSA-2006:124",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:124"
        },
        {
          "name": "20060714 Linux kernel 0day - dynamite inside, don\u0027t burn your fingers",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/047907.html"
        },
        {
          "name": "USN-319-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/319-1/"
        },
        {
          "name": "DSA-1111",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-1111"
        },
        {
          "name": "21498",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21498"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-203.htm"
        },
        {
          "name": "21041",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21041"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=198973"
        },
        {
          "name": "18992",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/18992"
        },
        {
          "name": "USN-319-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/usn-319-2"
        },
        {
          "name": "21119",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21119"
        },
        {
          "name": "SUSE-SA:2006:049",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2006_49_kernel.html"
        },
        {
          "name": "20060717 rPSA-2006-0130-1 kernel",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/440300/100/0/threaded"
        },
        {
          "name": "21179",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21179"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-3626",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Race condition in Linux kernel 2.6.17.4 and earlier allows local users to gain root privileges by using prctl with PR_SET_DUMPABLE in a way that causes /proc/self/environ to become setuid root."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "linux-proc-race-condition(27790)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27790"
            },
            {
              "name": "ADV-2006-2816",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/2816"
            },
            {
              "name": "SUSE-SR:2006:017",
              "refsource": "SUSE",
              "url": "http://www.novell.com/linux/security/advisories/2006_17_sr.html"
            },
            {
              "name": "SUSE-SA:2006:042",
              "refsource": "SUSE",
              "url": "http://www.novell.com/linux/security/advisories/2006_42_kernel.html"
            },
            {
              "name": "21123",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/21123"
            },
            {
              "name": "RHSA-2006:0617",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2006-0617.html"
            },
            {
              "name": "21057",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/21057"
            },
            {
              "name": "oval:org.mitre.oval:def:10060",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10060"
            },
            {
              "name": "21605",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/21605"
            },
            {
              "name": "SUSE-SA:2006:047",
              "refsource": "SUSE",
              "url": "http://www.novell.com/linux/security/advisories/2006_47_kernel.html"
            },
            {
              "name": "21073",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/21073"
            },
            {
              "name": "http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.17.5",
              "refsource": "CONFIRM",
              "url": "http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.17.5"
            },
            {
              "name": "http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=blobdiff;h=0cb8f20d000c25118947fcafa81606300ced35f8;hp=243a94af0427b2630fb85f489a5419410dac3bfc;hb=18b0bbd8ca6d3cb90425aa0d77b99a762c6d6de3;f=fs/proc/base.c",
              "refsource": "CONFIRM",
              "url": "http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=blobdiff;h=0cb8f20d000c25118947fcafa81606300ced35f8;hp=243a94af0427b2630fb85f489a5419410dac3bfc;hb=18b0bbd8ca6d3cb90425aa0d77b99a762c6d6de3;f=fs/proc/base.c"
            },
            {
              "name": "22174",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/22174"
            },
            {
              "name": "27120",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/27120"
            },
            {
              "name": "MDKSA-2006:124",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:124"
            },
            {
              "name": "20060714 Linux kernel 0day - dynamite inside, don\u0027t burn your fingers",
              "refsource": "FULLDISC",
              "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/047907.html"
            },
            {
              "name": "USN-319-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/319-1/"
            },
            {
              "name": "DSA-1111",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2006/dsa-1111"
            },
            {
              "name": "21498",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/21498"
            },
            {
              "name": "http://support.avaya.com/elmodocs2/security/ASA-2006-203.htm",
              "refsource": "CONFIRM",
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-203.htm"
            },
            {
              "name": "21041",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/21041"
            },
            {
              "name": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=198973",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=198973"
            },
            {
              "name": "18992",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/18992"
            },
            {
              "name": "USN-319-2",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/usn-319-2"
            },
            {
              "name": "21119",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/21119"
            },
            {
              "name": "SUSE-SA:2006:049",
              "refsource": "SUSE",
              "url": "http://www.novell.com/linux/security/advisories/2006_49_kernel.html"
            },
            {
              "name": "20060717 rPSA-2006-0130-1 kernel",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/440300/100/0/threaded"
            },
            {
              "name": "21179",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/21179"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2006-3626",
    "datePublished": "2006-07-15T01:06:00",
    "dateReserved": "2006-07-14T00:00:00",
    "dateUpdated": "2024-08-07T18:39:53.486Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2006-3626\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2006-07-18T15:46:00.000\",\"lastModified\":\"2023-11-07T01:59:04.200\",\"vulnStatus\":\"Modified\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"Race condition in Linux kernel 2.6.17.4 and earlier allows local users to gain root privileges by using prctl with PR_SET_DUMPABLE in a way that causes /proc/self/environ to become setuid root.\"},{\"lang\":\"es\",\"value\":\"Condici\u00f3n de carrera en Linux kernel 2.6.17.4  y anteriores permite a usuarios locales ganar privilegios de root a trav\u00e9s del uso de prctl con PR_SET_DUMPABLE en un camino que hace que /proc/self/environ llegue a tener el setuid de root.\"}],\"vendorComments\":[{\"organization\":\"Red Hat\",\"comment\":\"This vulnerability does not affect Red Hat Enterprise Linux 2.1 or 3 as they are based on 2.4 kernels.\\n\\nThe exploit relies on the kernel supporting the a.out binary format.  Red Hat Enterprise Linux 4, Fedora Core 4, and Fedora Core 5 do not support the a.out binary format, causing the exploit to fail.  We are not currently\\naware of any way to exploit this vulnerability if a.out binary format is not enabled.  In addition, a default installation of these OS enables SELinux in enforcing mode.  SELinux also completely blocks attempts to exploit this issue.\\n\\nhttps://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=198973#c10\",\"lastModified\":\"2006-07-19T00:00:00\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:H/Au:N/C:C/I:C/A:C\",\"accessVector\":\"LOCAL\",\"accessComplexity\":\"HIGH\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\",\"baseScore\":6.2},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":1.9,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":true,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"34E60197-56C3-485C-9609-B1C4A0E0FCB2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"D1369C4A-EF3B-4805-9046-ADA38ED940C2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"CC3639E1-B5E4-4DD6-80D4-BA07D192C42D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"54393D69-B368-4296-9798-D81570495C6C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16:rc4:*:*:*:*:*:*\",\"matchCriteriaId\":\"6791A801-9E06-47DD-912F-D8594E2F6B3F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16:rc5:*:*:*:*:*:*\",\"matchCriteriaId\":\"AE90CCED-3A5B-46E3-A6B0-4865AB786289\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16:rc6:*:*:*:*:*:*\",\"matchCriteriaId\":\"CBFF6DE7-6D7C-469A-9B2D-2F6E915F55B0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"86E452E4-45A9-4469-BF69-F40B6598F0EA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C5751AC4-A60F-42C6-88E5-FC8CFEE6F696\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1FF886A6-7E73-47AD-B6A5-A9EC5BEDCD0C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"48777A01-8F36-4752-8F7A-1D1686C69A33\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"42DA6A18-5AA1-4920-94C6-8D0BB73C5352\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"992EA5DE-5A5B-4782-8B5A-BDD8D6FB1E31\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E51F0211-2D3E-4260-AD63-E83AE4EC4AF8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4C4E1245-C6BB-462C-9E27-C608595DAE3C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"747F1324-AEFA-496F-9447-12CD13114F60\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"795C3B17-687E-4F33-AA99-8FEC16F14693\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F2BDD5C7-9B6A-41B5-8679-5062B8A6E11B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"190D5E2C-AD60-41F4-B29D-FB8EA8CB5FF6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6B81A4DD-2ADE-4455-B517-5E4E0532D5A1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4BD589CC-666B-4FAA-BCF0-91C484BDDB09\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4CD622EE-A840-42E1-B6BF-4AA27D039B12\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"900D6742-DE0F-45C5-A812-BF84088CB02A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"225CA94C-8C84-4FA6-95D0-160A0016FBFF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.18:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D88ED3C4-64C5-44B2-9F23-E16087046C40\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.19:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"03FB31E5-190C-489A-AB30-910D2CC854F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EF4A781A-4A41-466F-8426-10B40CF8BA1A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.21:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9ED29B3F-456B-4767-8E59-8C19A3B7E1D8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.22:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F6316369-B54A-4E59-A022-E0610353B284\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.23:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"073C3CE0-E12D-4545-8460-5A1514271D50\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.24:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"670FAA25-A86F-4E04-A3A0-0B3FF6CF9C26\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9E86E13B-EC92-47F3-94A9-DB515313011D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.17:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"980A6C7D-6175-4A44-8377-74AA7A9FD108\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.17:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C226902-04D9-4F32-866C-20225841ECF8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.17:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"C6EDD210-6E7B-4BD8-96C2-2C22FEE7DE97\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.17:rc4:*:*:*:*:*:*\",\"matchCriteriaId\":\"655DB612-AF49-4C17-AFB9-2E33EE8E0572\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.17:rc5:*:*:*:*:*:*\",\"matchCriteriaId\":\"7EE30F34-EE81-4E1E-BF9F-A7A36B78B897\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.17:rc6:*:*:*:*:*:*\",\"matchCriteriaId\":\"E1F65DF2-2794-47B7-9676-CCF150683CC6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.17.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEB3068F-2F64-4BBC-BA3C-FB56A2FBED50\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.17.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6555D45B-D3B3-4455-AB1E-E513F9FB6139\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.17.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4FA5E262-7825-496F-AA72-0AD6DE6F3C78\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.17.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"56C6C01B-4CED-4F37-A415-0603496C27DC\"}]}]}],\"references\":[{\"url\":\"http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.17.5\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/047907.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/21041\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/21057\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/21073\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/21119\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/21123\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/21179\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/21498\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/21605\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/22174\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://support.avaya.com/elmodocs2/security/ASA-2006-203.htm\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.debian.org/security/2006/dsa-1111\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=blobdiff%3Bh=0cb8f20d000c25118947fcafa81606300ced35f8%3Bhp=243a94af0427b2630fb85f489a5419410dac3bfc%3Bhb=18b0bbd8ca6d3cb90425aa0d77b99a762c6d6de3%3Bf=fs/proc/base.c\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDKSA-2006:124\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.novell.com/linux/security/advisories/2006_17_sr.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.novell.com/linux/security/advisories/2006_42_kernel.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.novell.com/linux/security/advisories/2006_47_kernel.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.novell.com/linux/security/advisories/2006_49_kernel.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.osvdb.org/27120\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2006-0617.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/440300/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/18992\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.ubuntu.com/usn/usn-319-2\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2006/2816\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=198973\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/27790\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10060\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://usn.ubuntu.com/319-1/\",\"source\":\"cve@mitre.org\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading...

Loading...

Loading...

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.