CVE-2006-6304
Published: 14 December 2006
The do_coredump function in fs/exec.c in the Linux kernel 2.6.19 sets the flag variable to O_EXCL but does not use it, which allows context-dependent attackers to modify arbitrary files via a rewrite attack during a core dump.
Priority
Status
Package | Release | Status |
---|---|---|
linux-source-2.6.15 Launchpad, Ubuntu, Debian |
dapper |
Not vulnerable
|
edgy |
Does not exist
|
|
feisty |
Does not exist
|
|
upstream |
Needs triage
|
|
linux-source-2.6.17 Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
edgy |
Not vulnerable
|
|
feisty |
Does not exist
|
|
upstream |
Needs triage
|
|
linux-source-2.6.20 Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
edgy |
Does not exist
|
|
feisty |
Not vulnerable
|
|
upstream |
Needs triage
|