CVE-2006-2629
CVSS4.0
发布时间 :2006-05-27 06:02:00
修订时间 :2016-10-17 23:39:57
NMCOS    

[原文]Race condition in Linux kernel 2.6.15 to 2.6.17, when running on SMP platforms, allows local users to cause a denial of service (crash) by creating and exiting a large number of tasks, then accessing the /proc entry of a task that is exiting, which causes memory corruption that leads to a failure in the prune_dcache function or a BUG_ON error in include/linux/list.h.


[CNNVD]Linux Kernel Proc 拒绝服务漏洞(CNNVD-200605-499)

        Linux kernel在SMP平台上运行时,可以使本地用户通过创建和退出大量的任务,然后再访问现存任务的 /proc 条目,造成内存破坏,导致 prune_dcache函数失败或include/linux/list.h中的BUG_ON错误,从而引起拒绝服务(崩溃)。

- CVSS (基础分值)

CVSS分值: 4 [中等(MEDIUM)]
机密性影响: NONE [对系统的机密性无影响]
完整性影响: NONE [不会对系统完整性产生影响]
可用性影响: COMPLETE [可能导致系统完全宕机]
攻击复杂度: HIGH [漏洞利用存在特定的访问条件]
攻击向量: LOCAL [漏洞利用需要具有物理访问权限或本地帐户]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

cpe:/o:linux:linux_kernel:2.6.16:rc4Linux Kernel 2.6.16 Release Candidate 4
cpe:/o:linux:linux_kernel:2.6.16:rc1Linux Kernel 2.6.16 Release Candidate 1
cpe:/o:linux:linux_kernel:2.6.15.3Linux Kernel 2.6.15.3
cpe:/o:linux:linux_kernel:2.6.16.2Linux Kernel 2.6.16.2
cpe:/o:linux:linux_kernel:2.6.16:rc2Linux Kernel 2.6.16 Release Candidate 2
cpe:/o:linux:linux_kernel:2.6.17:rc3Linux Kernel 2.6.17 Release Candidate 3
cpe:/o:linux:linux_kernel:2.6.15.2Linux Kernel 2.6.15.2
cpe:/o:linux:linux_kernel:2.6.16.1Linux Kernel 2.6.16.1
cpe:/o:linux:linux_kernel:2.6.17:rc4Linux Kernel 2.6.17 Release Candidate 4
cpe:/o:linux:linux_kernel:2.6.16.13Linux Kernel 2.6.16.13
cpe:/o:linux:linux_kernel:2.6.16.12Linux Kernel 2.6.16.12
cpe:/o:linux:linux_kernel:2.6.16:rc3Linux Kernel 2.6.16 Release Candidate 3
cpe:/o:linux:linux_kernel:2.6.15.1Linux Kernel 2.6.15.1
cpe:/o:linux:linux_kernel:2.6.15.5Linux Kernel 2.6.15.5
cpe:/o:linux:linux_kernel:2.6.16.4Linux Kernel 2.6.16.4
cpe:/o:linux:linux_kernel:2.6.15.4Linux Kernel 2.6.15.4
cpe:/o:linux:linux_kernel:2.6.16.3Linux Kernel 2.6.16.3
cpe:/o:linux:linux_kernel:2.6.15Linux Kernel 2.6.15
cpe:/o:linux:linux_kernel:2.6.16Linux Kernel 2.6.16
cpe:/o:linux:linux_kernel:2.6.16.18Linux Kernel 2.6.16.18
cpe:/o:linux:linux_kernel:2.6.17Linux Kernel 2.6.17
cpe:/o:linux:linux_kernel:2.6.16.17Linux Kernel 2.6.16.17
cpe:/o:linux:linux_kernel:2.6.16.16Linux Kernel 2.6.16.16
cpe:/o:linux:linux_kernel:2.6.16.11Linux Kernel 2.6.16.11
cpe:/o:linux:linux_kernel:2.6.16.10Linux Kernel 2.6.16.10
cpe:/o:linux:linux_kernel:2.6.16.9Linux Kernel 2.6.16.9
cpe:/o:linux:linux_kernel:2.6.16.15Linux Kernel 2.6.16.15
cpe:/o:linux:linux_kernel:2.6.16.14Linux Kernel 2.6.16.14
cpe:/o:linux:linux_kernel:2.6.16.8Linux Kernel 2.6.16.8
cpe:/o:linux:linux_kernel:2.6.16.7Linux Kernel 2.6.16.7
cpe:/o:linux:linux_kernel:2.6.16.6Linux Kernel 2.6.16.6
cpe:/o:linux:linux_kernel:2.6.15.6Linux Kernel 2.6.15.6
cpe:/o:linux:linux_kernel:2.6.16.5Linux Kernel 2.6.16.5
cpe:/o:linux:linux_kernel:2.6.17:rc5Linux Kernel 2.6.17 Release Candidate 5
cpe:/o:linux:linux_kernel:2.6.17:rc1Linux Kernel 2.6.17 Release Candidate 1
cpe:/o:linux:linux_kernel:2.6.16:rc5Linux Kernel 2.6.16 Release Candidate 5
cpe:/o:linux:linux_kernel:2.6.17:rc2Linux Kernel 2.6.17 Release Candidate 2
cpe:/o:linux:linux_kernel:2.6.16:rc6Linux Kernel 2.6.16 Release Candidate 6

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2629
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-2629
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200605-499
(官方数据源) CNNVD

- 其它链接及资源

http://marc.info/?l=linux-kernel&m=114860432801543&w=2
(UNKNOWN)  MLIST  [linux-kernel] 20060526 PROBLEM: /proc (procfs) task exit race condition causes a kernelcrash
http://www.securityfocus.com/bid/18183
(UNKNOWN)  BID  18183
http://www.vupen.com/english/advisories/2006/2070
(UNKNOWN)  VUPEN  ADV-2006-2070
http://xforce.iss.net/xforce/xfdb/26746
(UNKNOWN)  XF  linux-task-race-condition-dos(26746)

- 漏洞信息

Linux Kernel Proc 拒绝服务漏洞
中危 竞争条件
2006-05-27 00:00:00 2006-05-30 00:00:00
本地  
        Linux kernel在SMP平台上运行时,可以使本地用户通过创建和退出大量的任务,然后再访问现存任务的 /proc 条目,造成内存破坏,导致 prune_dcache函数失败或include/linux/list.h中的BUG_ON错误,从而引起拒绝服务(崩溃)。

- 公告与补丁

        暂无数据

- 漏洞信息

25847
Linux Kernel SMP /proc Race Condition Local DoS
Local Access Required Denial of Service, Race Condition
Loss of Availability

- 漏洞描述

The Linux kernel contains a flaw that may allow a local denial of service on SMP hardware, including hyperthreading processors. The issue is triggered when a large number of processes is created and terminated, while at the same time attempting to access the process ID entry in the '/proc' pseudo file system. A race condition in the 'prune_dcache()' can then lead to mempory corruption and cause the kernel to crash, leading to a loss of availability for the platform.

- 时间线

2006-05-26 Unknow
Unknow Unknow

- 解决方案

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

- 相关参考

- 漏洞作者

- 漏洞信息

Linux Kernel Proc dentry_unused Corruption Local Denial of Service Vulnerability
Race Condition Error 18183
No Yes
2006-05-31 12:00:00 2006-05-31 08:42:00
Tony Griffiths <tonyg@agile.tv> discovered this issue.

- 受影响的程序版本

Linux kernel 2.6.17 -rc5
Linux kernel 2.6.16 13
Linux kernel 2.6.16 .9
Linux kernel 2.6.16 .8
Linux kernel 2.6.16 .7
+ Trustix Secure Enterprise Linux 2.0
+ Trustix Secure Linux 2.2
+ Trustix Secure Linux 2.1
+ Trustix Secure Linux 2.0
Linux kernel 2.6.16 .5
Linux kernel 2.6.16 .4
Linux kernel 2.6.16 .3
Linux kernel 2.6.16 .2
Linux kernel 2.6.16 .19
Linux kernel 2.6.16 .18
Linux kernel 2.6.16 .17
Linux kernel 2.6.16 .16
Linux kernel 2.6.16 .12
Linux kernel 2.6.16 .11
Linux kernel 2.6.16 .1
Linux kernel 2.6.16 -rc1
Linux kernel 2.6.16
Linux kernel 2.6.15 .6
Linux kernel 2.6.15 .4
Linux kernel 2.6.15 .3
Linux kernel 2.6.15 .2
Linux kernel 2.6.15 .1
Linux kernel 2.6.15 -rc6
Linux kernel 2.6.15 -rc5
Linux kernel 2.6.15 -rc4
Linux kernel 2.6.15 -rc3
Linux kernel 2.6.15 -rc2
Linux kernel 2.6.15 -rc1
Linux kernel 2.6.15
Linux kernel 2.6.15.5

- 漏洞讨论

The Linux kernel is prone to a local denial-of-service vulnerability. This issue is due to a flaw in the 'proc' filesystem.

This vulnerability allows local users to cause a kernel panic, denying further service to legitimate users.

This issue affects Linux kernel versions 2.6.15 through 2.6.17-rc5 on multiprocessor computers running SMP kernels. Other kernel versions may also be affected.

- 漏洞利用

The following exploit code is sufficient to demonstrate this issue:

- 解决方案

Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.commailto:vuldb@securityfocus.com

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站