5.7 Medium
AI Score
Confidence
Low
3.6 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:P/A:N
0.001 Low
EPSS
Percentile
49.7%
madvise_remove in Linux kernel 2.6.16 up to 2.6.16.6 does not follow file and mmap restrictions, which allows local users to bypass IPC permissions and replace portions of readonly tmpfs files with zeroes, aka the MADV_REMOVE vulnerability. NOTE: this description was originally written in a way that combined two separate issues. The mprotect issue now has a separate name, CVE-2006-2071.
kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.6
lwn.net/Alerts/180820/
secunia.com/advisories/19657
secunia.com/advisories/19664
secunia.com/advisories/19735
secunia.com/advisories/20398
secunia.com/advisories/20671
secunia.com/advisories/20914
www.debian.org/security/2006/dsa-1097
www.debian.org/security/2006/dsa-1103
www.novell.com/linux/security/advisories/2006-05-31.html
www.osvdb.org/24714
www.securityfocus.com/bid/17587
www.vupen.com/english/advisories/2006/1391
www.vupen.com/english/advisories/2006/1475
www.vupen.com/english/advisories/2006/2554
exchange.xforce.ibmcloud.com/vulnerabilities/25870