6.2

CVE-2006-3626

Race condition in Linux kernel 2.6.17.4 and earlier allows local users to gain root privileges by using prctl with PR_SET_DUMPABLE in a way that causes /proc/self/environ to become setuid root.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version2.6.16
LinuxLinux Kernel Version2.6.16 Updaterc1
LinuxLinux Kernel Version2.6.16 Updaterc2
LinuxLinux Kernel Version2.6.16 Updaterc3
LinuxLinux Kernel Version2.6.16 Updaterc4
LinuxLinux Kernel Version2.6.16 Updaterc5
LinuxLinux Kernel Version2.6.16 Updaterc6
LinuxLinux Kernel Version2.6.16.1
LinuxLinux Kernel Version2.6.16.2
LinuxLinux Kernel Version2.6.16.3
LinuxLinux Kernel Version2.6.16.4
LinuxLinux Kernel Version2.6.16.5
LinuxLinux Kernel Version2.6.16.6
LinuxLinux Kernel Version2.6.16.7
LinuxLinux Kernel Version2.6.16.8
LinuxLinux Kernel Version2.6.16.9
LinuxLinux Kernel Version2.6.16.10
LinuxLinux Kernel Version2.6.16.11
LinuxLinux Kernel Version2.6.16.12
LinuxLinux Kernel Version2.6.16.13
LinuxLinux Kernel Version2.6.16.14
LinuxLinux Kernel Version2.6.16.15
LinuxLinux Kernel Version2.6.16.16
LinuxLinux Kernel Version2.6.16.17
LinuxLinux Kernel Version2.6.16.18
LinuxLinux Kernel Version2.6.16.19
LinuxLinux Kernel Version2.6.16.20
LinuxLinux Kernel Version2.6.16.21
LinuxLinux Kernel Version2.6.16.22
LinuxLinux Kernel Version2.6.16.23
LinuxLinux Kernel Version2.6.16.24
LinuxLinux Kernel Version2.6.17
LinuxLinux Kernel Version2.6.17 Updaterc1
LinuxLinux Kernel Version2.6.17 Updaterc2
LinuxLinux Kernel Version2.6.17 Updaterc3
LinuxLinux Kernel Version2.6.17 Updaterc4
LinuxLinux Kernel Version2.6.17 Updaterc5
LinuxLinux Kernel Version2.6.17 Updaterc6
LinuxLinux Kernel Version2.6.17.1
LinuxLinux Kernel Version2.6.17.2
LinuxLinux Kernel Version2.6.17.3
LinuxLinux Kernel Version2.6.17.4
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.2% 0.802
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 6.2 1.9 10
AV:L/AC:H/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/21605
http://secunia.com/advisories/22174
http://support.avaya.com/elmodocs2/security/ASA-2006-203.htm
http://www.redhat.com/support/errata/RHSA-2006-0617.html
http://secunia.com/advisories/21179
http://secunia.com/advisories/21498
http://www.novell.com/linux/security/advisories/2006_42_kernel.html
http://www.novell.com/linux/security/advisories/2006_47_kernel.html
http://www.novell.com/linux/security/advisories/2006_17_sr.html
http://www.novell.com/linux/security/advisories/2006_49_kernel.html
http://secunia.com/advisories/21057
http://www.securityfocus.com/archive/1/440300/100/0/threaded
http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.17.5
http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/047907.html
http://secunia.com/advisories/21041
http://secunia.com/advisories/21073
http://secunia.com/advisories/21119
http://secunia.com/advisories/21123
http://www.debian.org/security/2006/dsa-1111
http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=blobdiff%3Bh=0cb8f20d000c25118947fcafa81606300ced35f8%3Bhp=243a94af0427b2630fb85f489a5419410dac3bfc%3Bhb=18b0bbd8ca6d3cb90425aa0d77b99a762c6d6de3%3Bf=fs/proc/base.c
http://www.mandriva.com/security/advisories?name=MDKSA-2006:124
http://www.osvdb.org/27120
http://www.securityfocus.com/bid/18992
http://www.ubuntu.com/usn/usn-319-2
http://www.vupen.com/english/advisories/2006/2816
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=198973
https://exchange.xforce.ibmcloud.com/vulnerabilities/27790
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10060
https://usn.ubuntu.com/319-1/