5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
4 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:H/Au:N/C:N/I:N/A:C
0.0004 Low
EPSS
Percentile
14.6%
The Red Hat Enterprise Linux 3 SMP Kernel may allow an authenticated attacker to cause a denial-of-service condition with specially crafted IPC shared-memory functions.
Inter-Process Communication (IPC) shared-memory is a method of passing data between programs used by the Red Hat Enterprise Linux 3 SMP Kernel. The shmat()
function is used to attach shared memory segments to data segments of calling processes and the shmctl()
function can be used to remove the shared memory segment. When these functions are run simultaneously, controls set by shmat()
that limit access to areas of IPC shared-memory may not be properly removed before the shared-memory is removed by shmctl()
. This could cause a deadlock condition where shmat()
is left waiting indefinitely to remove shared-memory access controls.
An authenticated local attacker may be able to cause the system to freeze due to a deadlock condition, resulting in a denial of service.
Upgrade or apply a patch
Patches have been released to address this issue. Refer to Red Hat Security Advisory RHSA-2006:0710. Users who compile the kernel from source are encouraged to update to the most recent version.
245984
Filter by status: All Affected Not Affected Unknown
Filter by content: __ Additional information available
__ Sort by: Status Alphabetical
Expand all
Javascript is disabled. Click here to view vendors.
Updated: November 06, 2006
Affected
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Refer to Red Hat Security Advisory RHSA-2006:0710-01.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23245984 Feedback>).
Group | Score | Vector |
---|---|---|
Base | ||
Temporal | ||
Environmental |
This issue was reported in Red Hat Security Advisory RHSA-2006:0710-01.
This document was written by Chris Taschner.
CVE IDs: | CVE-2006-4342 |
---|---|
Severity Metric: | 0.03 Date Public: |
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
4 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:H/Au:N/C:N/I:N/A:C
0.0004 Low
EPSS
Percentile
14.6%