CVE-2006-0145

Published Jan 9, 2006

Last updated 6 years ago

CVSS info 4.6

Overview

Description: The kernfs_xread function in kernfs in NetBSD 1.6 through 2.1, and OpenBSD 3.8, does not properly validate file offsets against negative 32-bit values that occur as a result of truncation, which allows local users to read arbitrary kernel memory and gain privileges via the lseek system call.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 4.6
Impact score: 6.4
Exploitability score: 3.9
Vector string: AV:L/AC:L/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netbsd:netbsd:1.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "28A10F5A-067E-4DD8-B585-ABCD6F6B324E"
          },
          {
            "criteria": "cpe:2.3:o:netbsd:netbsd:1.6:beta:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9DDC444D-E763-4685-97F8-A027DF6F804D"
          },
          {
            "criteria": "cpe:2.3:o:netbsd:netbsd:1.6.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "249FA642-3732-4654-88CB-3F1D19A5860A"
          },
          {
            "criteria": "cpe:2.3:o:netbsd:netbsd:1.6.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5071CA39-65B3-4AFB-8898-21819E57A084"
          },
          {
            "criteria": "cpe:2.3:o:netbsd:netbsd:2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A3C3F588-98DA-4F6F-A083-2B9EE534C561"
          },
          {
            "criteria": "cpe:2.3:o:netbsd:netbsd:2.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1C2ED81B-8DA2-46D0-AE24-C61BF8E78AE9"
          },
          {
            "criteria": "cpe:2.3:o:netbsd:netbsd:2.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D18C95A3-15E3-41B8-AC28-ACEA57021E24"
          },
          {
            "criteria": "cpe:2.3:o:netbsd:netbsd:2.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6CFC6B75-9057-4E58-A4D4-8AEC12AE62E4"
          },
          {
            "criteria": "cpe:2.3:o:netbsd:netbsd:2.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "28BD9F91-2384-4557-9648-25FC00D04677"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References