CVE-2006-1066

Linux kernel 2.6.16-rc2 and earlier, when running on x86_64 systems with preemption enabled, allows local users to cause a denial of service (oops) via multiple ptrace tasks that perform single steps, which can cause corruption of the DEBUG_STACK stack during the do_debug function call.

Published Bycve@mitre.org

Published DateMar 27, 2006, 00:02

Weakness Type (CWE):NVD-CWE-Other

CVSS Metrics

Base Score

1.2

Vector String

AV:L/AC:H/Au:N/C:N/I:N/A:P

Base Severity

Version

2.0

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality (C)

NONE

Integrity (I)

NONE

Availability (A)

PARTIAL

References

http://marc.info/?l=linux-kernel&m=113932292516359&w=2
http://secunia.com/advisories/19374
http://secunia.com/advisories/19955
http://secunia.com/advisories/21614
http://www.debian.org/security/2006/dsa-1017
http://www.mandriva.com/security/advisories?name=MDKSA-2006:151
http://www.osvdb.org/24098
http://www.securityfocus.com/bid/17216
https://usn.ubuntu.com/281-1/

Weakness Type (CWE):NVD-CWE-Other

CVSS Metrics

Base Score

1.2

Vector String

AV:L/AC:H/Au:N/C:N/I:N/A:P

Base Severity

Version

2.0

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality (C)

NONE

Integrity (I)

NONE

Availability (A)

PARTIAL