Уязвимость CVE-2006-2935: Информация

Описание

The dvd_read_bca function in the DVD handling code in drivers/cdrom/cdrom.c in Linux kernel 2.2.16, and later versions, assigns the wrong value to a length variable, which allows local users to execute arbitrary code via a crafted USB Storage device that triggers a buffer overflow.

Важность: MEDIUM (4,6)

URL: https://nvd.nist.gov/vuln/detail/CVE-2006-2935

Опубликовано: 5 июля 2006 г.

Изменено: 28 августа 2020 г.

Идентификатор типа ошибки: CWE-120

Ссылки на рекомендации, решения и инструменты

Ссылка	Ресурс
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=197670	Issue Tracking Third Party Advisory
http://bugzilla.kernel.org/show_bug.cgi?id=2966	Issue Tracking Vendor Advisory
18847	Third Party Advisory VDB Entry
SUSE-SA:2006:042	Broken Link
21179	Broken Link
21298	Broken Link
USN-331-1	Third Party Advisory
SUSE-SA:2006:047	Broken Link
SUSE-SA:2006:049	Broken Link
RHSA-2006:0617	Broken Link
21605	Broken Link
21614	Broken Link
USN-346-1	Third Party Advisory
https://issues.rpath.com/browse/RPL-611	Broken Link
21695	Broken Link
DSA-1183	Third Party Advisory
DSA-1184	Third Party Advisory
22082	Broken Link
22093	Broken Link
http://support.avaya.com/elmodocs2/security/ASA-2006-203.htm	Third Party Advisory
22174	Broken Link
RHSA-2006:0710	Broken Link
22497	Broken Link
SUSE-SA:2006:064	Broken Link
http://support.avaya.com/elmodocs2/security/ASA-2006-254.htm	Third Party Advisory
23064	Broken Link
21934	Broken Link
http://support.avaya.com/elmodocs2/security/ASA-2007-078.htm	Third Party Advisory
RHSA-2007:0012	Broken Link
RHSA-2007:0013	Broken Link
23788	Broken Link
22822	Broken Link
21498	Broken Link
24288	Broken Link
MDKSA-2006:150	Broken Link
MDKSA-2006:151	Broken Link
ADV-2006-2680	Broken Link
linux-dvdreadbca-bo(27579)	Third Party Advisory VDB Entry
oval:org.mitre.oval:def:10886	Third Party Advisory
20060831 rPSA-2006-0162-1 kernel	Third Party Advisory VDB Entry

Подверженные конфигурации:
1. Конфигурация 1
  cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
  Start including
  2.2.16
  End including
  2.16.16
  
  Конфигурация 2
  cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*
  
  Конфигурация 3
  cpe:2.3:o:canonical:ubuntu_linux:5.04:*:*:*:*:*:*:*
  cpe:2.3:o:canonical:ubuntu_linux:5.10:*:*:*:*:*:*:*
  cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*

Версия: v24.5.3

Наверх

Уязвимость CVE-2006-2935: Информация

Описание

Ссылки на рекомендации, решения и инструменты

Конфигурация 1

Конфигурация 2

Конфигурация 3