Info

Disclosure

May 12, 2006

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

Description

The Linux Kernel contains a flaw that may allow a malicious user to circumvent file access restrictions. The issue is triggered because the 'writev()' and 'readv()' functions does not mediate data properly for 32-bit applications on 64-bit kernels. It is possible that the flaw may allow unauthorized access to files, resulting in a loss of confidentiality and/or integrity.

Classification

Location: Local Access Required
Attack Type: Other
Impact: Loss of Integrity
Exploit: Exploit Unknown
Disclosure: OSVDB Verified, Vendor Verified

Solution

Upgrade to version 2.6.16.12 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

Linux

Kernel

2.6.16.11

References

CVE ID: 2006-1856 (see also: NVD)
Secunia Advisory ID: 20237 20716 21045 21745 22093
Mail List Post: http://lists.jammed.com/linux-security-module/2005/09/0019.html
http://www.ussg.iu.edu/hypermail/linux/kernel/0604.3/0777.html
Vendor Specific Advisory URL: http://support.avaya.com/elmodocs2/security/ASA-2006-161.htm
http://www.ubuntu.com/usn/usn-302-1
Other Advisory URL: http://www.mandriva.com/security/advisories?name=MDKSA-2006:123
http://www.us.debian.org/security/2006/dsa-1184
Vendor Specific News/Changelog Entry: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=191524
RedHat RHSA: RHSA-2006:0493

Credit

Kostik Belousov -
Al Viro - virozeniv.linux.org.uk -

Direct URL: http://osvdb.org/25747