Lucene search

[email protected]CVE-2006-3634

HistoryAug 04, 2006 - 11:04 p.m.

CVE-2006-3634

2006-08-0423:04:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

linux

kernel

cve-2006-3634

denial of service

futex

kernel address space

6.4 Medium

AI Score

Confidence

High

4.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

0.0004 Low

EPSS

Percentile

5.3%

JSON

The (1) __futex_atomic_op and (2) futex_atomic_cmpxchg_inatomic functions in Linux kernel 2.6.17-rc4 to 2.6.18-rc2 perform the atomic futex operation in the kernel address space instead of the user address space, which allows local users to cause a denial of service (crash).

CPENameOperatorVersion
linux:linux_kernellinux linux kerneleq2.6.17
linux:linux_kernellinux linux kerneleq2.6.18

CPE	Name	Operator	Version
linux:linux_kernel	linux linux kernel	eq	2.6.17
linux:linux_kernel	linux linux kernel	eq	2.6.18

References

security-tracker.debian.org/tracker/CVE-2006-3634

www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=bafe00cc9297ca77b66e5c83e5e65e17c0c997c8

6.4 Medium

AI Score

Confidence

High

4.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

0.0004 Low

EPSS

Percentile

5.3%

JSON

Related for CVE-2006-3634

nessus1