CVE-2006-5757
Gravedad CVSS v2.0:
BAJA
Tipo:
CWE-17
Error de código
Fecha de publicación:
06/11/2006
Última modificación:
09/04/2025
Descripción
Condición de carrera en la función __find_get_block_slow en el sistema de ficheros ISO9660 en Linux 2.6.18 y posiblemente otras versiones permite a usuarios locales provocar una denegación de servicio (bucle infinito) montando un sistema de fisheros ISO9660 manipulado que contiene estructuras de datos mal formadas.
Impacto
Puntuación base 2.0
1.20
Gravedad 2.0
BAJA
Productos y versiones vulnerables
| CPE | Desde | Hasta |
|---|---|---|
| cpe:2.3:o:linux:linux_kernel:2.6.0:test1:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:2.6.0:test10:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:2.6.0:test11:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:2.6.0:test2:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:2.6.0:test3:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:2.6.0:test4:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:2.6.0:test5:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:2.6.0:test6:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:2.6.0:test7:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:2.6.0:test8:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:2.6.0:test9:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:2.6.1:*:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:2.6.1:rc1:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:2.6.1:rc2:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:2.6.2:*:*:*:*:*:*:* |
Para consultar la lista completa de nombres de CPE con productos y versiones, ver esta página
Referencias a soluciones, herramientas e información
- http://projects.info-pull.com/mokb/MOKB-05-11-2006.html
- http://rhn.redhat.com/errata/RHSA-2007-0014.html
- http://secunia.com/advisories/22702
- http://secunia.com/advisories/22746
- http://secunia.com/advisories/23474
- http://secunia.com/advisories/23593
- http://secunia.com/advisories/23752
- http://secunia.com/advisories/23997
- http://secunia.com/advisories/24098
- http://secunia.com/advisories/24206
- http://secunia.com/advisories/25691
- http://secunia.com/advisories/25714
- http://support.avaya.com/elmodocs2/security/ASA-2007-063.htm
- http://www.debian.org/security/2007/dsa-1304
- http://www.mandriva.com/security/advisories?name=MDKSA-2007%3A002
- http://www.mandriva.com/security/advisories?name=MDKSA-2007%3A012
- http://www.novell.com/linux/security/advisories/2006_79_kernel.html
- http://www.securityfocus.com/archive/1/471457
- http://www.securityfocus.com/bid/20920
- http://www.ubuntu.com/usn/usn-416-1
- http://www.vupen.com/english/advisories/2006/4359
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30029
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10111
- http://projects.info-pull.com/mokb/MOKB-05-11-2006.html
- http://rhn.redhat.com/errata/RHSA-2007-0014.html
- http://secunia.com/advisories/22702
- http://secunia.com/advisories/22746
- http://secunia.com/advisories/23474
- http://secunia.com/advisories/23593
- http://secunia.com/advisories/23752
- http://secunia.com/advisories/23997
- http://secunia.com/advisories/24098
- http://secunia.com/advisories/24206
- http://secunia.com/advisories/25691
- http://secunia.com/advisories/25714
- http://support.avaya.com/elmodocs2/security/ASA-2007-063.htm
- http://www.debian.org/security/2007/dsa-1304
- http://www.mandriva.com/security/advisories?name=MDKSA-2007%3A002
- http://www.mandriva.com/security/advisories?name=MDKSA-2007%3A012
- http://www.novell.com/linux/security/advisories/2006_79_kernel.html
- http://www.securityfocus.com/archive/1/471457
- http://www.securityfocus.com/bid/20920
- http://www.ubuntu.com/usn/usn-416-1
- http://www.vupen.com/english/advisories/2006/4359
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30029
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10111