CVE-2006-5754
5.9 Medium
AI Score
Confidence
Low
4.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:N/I:N/A:C
0.0004 Low
EPSS
Percentile
5.2%
The aio_setup_ring function in Linux kernel does not properly initialize a variable, which allows local users to cause a denial of service (crash) via an unspecified error path that causes an incorrect free operation.
| CPE | Name | Operator | Version |
|---|---|---|---|
| linux:linux_kernel | linux linux kernel | le | 2.6.11 |
References
rhn.redhat.com/errata/RHSA-2007-0014.html
secunia.com/advisories/23997
secunia.com/advisories/24206
secunia.com/advisories/25683
secunia.com/advisories/25714
support.avaya.com/elmodocs2/security/ASA-2007-063.htm
www.debian.org/security/2007/dsa-1304
www.mandriva.com/security/advisories?name=MDKSA-2007:025
www.novell.com/linux/security/advisories/2007_35_kernel.html
www.securityfocus.com/bid/22193
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11234
Social References
More
Related
5.9 Medium
AI Score
Confidence
Low
4.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:N/I:N/A:C
0.0004 Low
EPSS
Percentile
5.2%