CVE-2006-3626

medium
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

Race condition in Linux kernel 2.6.17.4 and earlier allows local users to gain root privileges by using prctl with PR_SET_DUMPABLE in a way that causes /proc/self/environ to become setuid root.

References

http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.17.5

http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/047907.html

http://secunia.com/advisories/21041

http://secunia.com/advisories/21057

http://secunia.com/advisories/21073

http://secunia.com/advisories/21119

http://secunia.com/advisories/21123

http://secunia.com/advisories/21179

http://secunia.com/advisories/21498

http://secunia.com/advisories/21605

http://secunia.com/advisories/22174

http://support.avaya.com/elmodocs2/security/ASA-2006-203.htm

http://www.debian.org/security/2006/dsa-1111

http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=blobdiff;h=0cb8f20d000c25118947fcafa81606300ced35f8;hp=243a94af0427b2630fb85f489a5419410dac3bfc;hb=18b0bbd8ca6d3cb90425aa0d77b99a762c6d6de3;f=fs/proc/base.c

http://www.mandriva.com/security/advisories?name=MDKSA-2006:124

http://www.novell.com/linux/security/advisories/2006_17_sr.html

http://www.novell.com/linux/security/advisories/2006_42_kernel.html

http://www.novell.com/linux/security/advisories/2006_47_kernel.html

http://www.novell.com/linux/security/advisories/2006_49_kernel.html

http://www.osvdb.org/27120

http://www.redhat.com/support/errata/RHSA-2006-0617.html

http://www.securityfocus.com/archive/1/440300/100/0/threaded

http://www.securityfocus.com/bid/18992

http://www.ubuntu.com/usn/usn-319-2

http://www.vupen.com/english/advisories/2006/2816

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=198973

https://exchange.xforce.ibmcloud.com/vulnerabilities/27790

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10060

https://usn.ubuntu.com/319-1/

Details

Source: MITRE

Published: 2006-07-18

Updated: 2018-10-18

Risk Information

CVSS v2

Base Score: 6.2

Vector: AV:L/AC:H/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 1.9

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:o:linux:linux_kernel:2.6.16:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.16:rc1:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.16:rc2:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.16:rc3:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.16:rc4:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.16:rc5:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.16:rc6:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.16.1:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.16.2:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.16.3:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.16.4:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.16.5:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.16.6:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.16.7:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.16.8:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.16.9:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.16.10:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.16.11:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.16.12:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.16.13:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.16.14:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.16.15:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.16.16:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.16.17:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.16.18:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.16.19:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.16.20:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.16.21:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.16.22:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.16.23:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.16.24:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.17:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.17:rc1:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.17:rc2:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.17:rc3:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.17:rc4:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.17:rc5:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.17:rc6:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.17.1:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.17.2:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.17.3:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.17.4:*:*:*:*:*:*:*

Tenable Plugins

View all (10 total)

IDNameProductFamilySeverity
67401Oracle Linux 4 : kernel (ELSA-2006-0617 / ELSA-2006-0689)NessusOracle Linux Local Security Checks
high
59120SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 1900)NessusSuSE Local Security Checks
medium
29484SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 1896)NessusSuSE Local Security Checks
medium
27896Ubuntu 5.04 / 5.10 : linux-source-2.6.10, linux-source-2.6.12 vulnerability (USN-319-2)NessusUbuntu Local Security Checks
medium
27895Ubuntu 6.06 LTS : linux-source-2.6.15 vulnerability (USN-319-1)NessusUbuntu Local Security Checks
medium
23875Mandrake Linux Security Advisory : kernel (MDKSA-2006:124)NessusMandriva Local Security Checks
medium
22653Debian DSA-1111-2 : kernel-source-2.6.8 - race conditionNessusDebian Local Security Checks
medium
22279CentOS 4 : kernel (CESA-2006:0617)NessusCentOS Local Security Checks
high
22264RHEL 4 : kernel (RHSA-2006:0617)NessusRed Hat Local Security Checks
high
801421CentOS RHSA-2006-0617 Security CheckLog Correlation EngineGeneric
high