CVE-2006-1524

Description

madvise_remove in Linux kernel 2.6.16 up to 2.6.16.6 does not follow file and mmap restrictions, which allows local users to bypass IPC permissions and replace portions of readonly tmpfs files with zeroes, aka the MADV_REMOVE vulnerability. NOTE: this description was originally written in a way that combined two separate issues. The mprotect issue now has a separate name, CVE-2006-2071.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/25870

http://www.vupen.com/english/advisories/2006/2554

http://www.vupen.com/english/advisories/2006/1475

http://www.vupen.com/english/advisories/2006/1391

http://www.securityfocus.com/bid/17587

http://www.osvdb.org/24714

http://www.novell.com/linux/security/advisories/2006-05-31.html

http://www.debian.org/security/2006/dsa-1103

http://www.debian.org/security/2006/dsa-1097

http://secunia.com/advisories/20914

http://secunia.com/advisories/20671

http://secunia.com/advisories/20398

http://secunia.com/advisories/19735

http://secunia.com/advisories/19664

http://secunia.com/advisories/19657

http://lwn.net/Alerts/180820/

http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.6

Details

Source: Mitre, NVD

Risk Information

CVSS v2

CVSS v3