Security Advisory

CVE-2006-1524

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2006-04-19 18:00:00

Last updated 2024-08-07 17:12:22

Assigner redhat

State PUBLISHED

Description

madvise_remove in Linux kernel 2.6.16 up to 2.6.16.6 does not follow file and mmap restrictions, which allows local users to bypass IPC permissions and replace portions of readonly tmpfs files with zeroes, aka the MADV_REMOVE vulnerability. NOTE: this description was originally written in a way that combined two separate issues. The mprotect issue now has a separate name, CVE-2006-2071.

← Browse all CVEs View on cve.org ↗