Race condition in Linux kernel

1) Race condition

EUVDB-ID: #VU95464

Risk: Low

CVSSv4.0: 4.9 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2006-0457

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to read data or crash the application.

Race condition in the (1) add_key, (2) request_key, and (3) keyctl functions in Linux kernel 2.6.x allows local users to cause a denial of service (crash) or read sensitive kernel memory by modifying the length of a string argument between the time that the kernel calculates the length and when it copies the data into kernel memory.

Mitigation

Install update from vendor's repository.

Vulnerable software versions

Linux kernel: All versions

CPE2.3

• cpe:2.3:o:linux_foundation:linux_kernel:*:*:*:*:*:*:*:*

External links

https://secunia.com/advisories/19220
https://secunia.com/advisories/20398
https://secunia.com/advisories/21465
https://secunia.com/advisories/22417
https://support.avaya.com/elmodocs2/security/ASA-2006-200.htm
https://www.mandriva.com/security/advisories?name=MDKSA-2006:059
https://www.novell.com/linux/security/advisories/2006-05-31.html
https://www.osvdb.org/23894
https://www.redhat.com/support/errata/RHSA-2006-0575.html
https://www.securityfocus.com/bid/17084
https://exchange.xforce.ibmcloud.com/vulnerabilities/25354
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9566
https://usn.ubuntu.com/263-1/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.