CVE-2006-1524

madvise_remove in Linux kernel 2.6.16 up to 2.6.16.6 does not follow file and mmap restrictions, which allows local users to bypass IPC permissions and replace portions of readonly tmpfs files with zeroes, aka the MADV_REMOVE vulnerability. NOTE: this description was originally written in a way that combined two separate issues. The mprotect issue now has a separate name, CVE-2006-2071.

Published: Apr 19, 2006
Updated: Apr 13, 2023
CVE: CVE-2006-1524
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 3.6
AV:L/AC:L/Au:N/C:P/I:P/A:N

CWEs:

CWE-264

Affected Software
References

Software	From	Fixed in
linux / linux_kernel	2.6.16.6	2.6.16.6.x
linux / linux_kernel	2.6.16.4	2.6.16.4.x
linux / linux_kernel	2.6.16.1	2.6.16.1.x
linux / linux_kernel	2.6.16.3	2.6.16.3.x
linux / linux_kernel	2.6.16	2.6.16.x
linux / linux_kernel	2.6.16.2	2.6.16.2.x
linux / linux_kernel	2.6.16.5	2.6.16.5.x

http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.6
http://lwn.net/Alerts/180820/
http://secunia.com/advisories/19657
http://secunia.com/advisories/19664
http://secunia.com/advisories/19735
http://secunia.com/advisories/20398
http://secunia.com/advisories/20671
http://secunia.com/advisories/20914
http://www.debian.org/security/2006/dsa-1097
http://www.debian.org/security/2006/dsa-1103
http://www.novell.com/linux/security/advisories/2006-05-31.html
http://www.osvdb.org/24714
http://www.securityfocus.com/bid/17587
http://www.vupen.com/english/advisories/2006/1391
http://www.vupen.com/english/advisories/2006/1475
http://www.vupen.com/english/advisories/2006/2554
https://exchange.xforce.ibmcloud.com/vulnerabilities/25870

Vulnerability Database

CVE-2006-1524

Deep Security Visibility Without the Complexity