Upstream information

CVE-2006-2451 at MITRE

Description

The suid_dumpable support in Linux kernel 2.6.13 up to versions before 2.6.17.4, and 2.6.16 before 2.6.16.24, allows a local user to cause a denial of service (disk consumption) and possibly gain privileges via the PR_SET_DUMPABLE argument of the prctl function and a program that causes a core dump file to be created in a directory for which the user does not have permissions.

SUSE information

Overall state of this security issue: Resolved

This issue is currently rated as having important severity.

CVSS v2 Scores
  National Vulnerability Database
Base Score 4.6
Vector AV:L/AC:L/Au:N/C:P/I:P/A:P
Access Vector Local
Access Complexity Low
Authentication None
Confidentiality Impact Partial
Integrity Impact Partial
Availability Impact Partial
SUSE Bugzilla entry: 186980 [RESOLVED / FIXED]

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE LINUX 10.0
  • Intel-536ep >= 4.69-14.6
  • kernel-bigsmp >= 2.6.13-15.11
  • kernel-bigsmp-nongpl >= 2.6.13-15.11
  • kernel-default >= 2.6.13-15.11
  • kernel-default-nongpl >= 2.6.13-15.11
  • kernel-iseries64 >= 2.6.13-15.11
  • kernel-ppc64 >= 2.6.13-15.11
  • kernel-smp >= 2.6.13-15.11
  • kernel-smp-nongpl >= 2.6.13-15.11
  • kernel-source >= 2.6.13-15.11
  • kernel-syms >= 2.6.13-15.11
  • kernel-um >= 2.6.13-15.11
  • kernel-um-nongpl >= 2.6.13-15.11
  • kernel-xen >= 2.6.13-15.11
  • kernel-xen-nongpl >= 2.6.13-15.11
  • um-host-kernel >= 2.6.13-15.11
SUSE LINUX 10.1
  • kernel-bigsmp >= 2.6.16.21-0.13
  • kernel-debug >= 2.6.16.21-0.13
  • kernel-default >= 2.6.16.21-0.13
  • kernel-iseries64 >= 2.6.16.21-0.13
  • kernel-kdump >= 2.6.16.21-0.13
  • kernel-ppc64 >= 2.6.16.21-0.13
  • kernel-smp >= 2.6.16.21-0.13
  • kernel-source >= 2.6.16.21-0.13
  • kernel-syms >= 2.6.16.21-0.13
  • kernel-um >= 2.6.16.21-0.13
  • kernel-xen >= 2.6.16.21-0.13
  • kernel-xenpae >= 2.6.16.21-0.13
  • kexec-tools >= 1.101-32.17
  • mkinitrd >= 1.2-106.15
  • multipath-tools >= 0.4.6-25.9
  • open-iscsi >= 0.5.545-9.13
  • udev >= 085-30.11
Novell Linux Desktop 9 for x86_64
  • kernel-default >= 2.6.5-7.276
  • kernel-smp >= 2.6.5-7.276
  • kernel-source >= 2.6.5-7.276
  • kernel-syms >= 2.6.5-7.276
sles9-nld.x86-64
YOU Patch Nr: 11117
Novell Linux Desktop 9 for x86
  • kernel-bigsmp >= 2.6.5-7.276
  • kernel-default >= 2.6.5-7.276
  • kernel-smp >= 2.6.5-7.276
  • kernel-source >= 2.6.5-7.276
  • kernel-syms >= 2.6.5-7.276
core9.x86
YOU Patch Nr: 11118
Open Enterprise Server
  • kernel-bigsmp >= 2.6.5-7.276
  • kernel-debug >= 2.6.5-7.276
  • kernel-default >= 2.6.5-7.276
  • kernel-smp >= 2.6.5-7.276
  • kernel-source >= 2.6.5-7.276
  • kernel-syms >= 2.6.5-7.276
  • kernel-um >= 2.6.5-7.276
  • um-host-install-initrd >= 1.0-48.19
  • um-host-kernel >= 2.6.5-7.276
core9.x86
YOU Patch Nr: 11118