CVE-2006-0038

Linux <2.6.16-rc3 - Buffer Overflow

Title source: llm

Description

Integer overflow in the do_replace function in netfilter for Linux before 2.6.16-rc3, when using "virtualization solutions" such as OpenVZ, allows local users with CAP_NET_ADMIN rights to cause a buffer overflow in the copy_from_user function.

References (18)

[Patch] http://www.securityfocus.com/bid/17178

[Issue Tracking] https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=186295

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/25400

[Vendor Advisory] http://www.redhat.com/support/errata/RHSA-2006-0575.html

[Vendor Advisory] http://www.ubuntu.com/usn/usn-302-1

[Vendor Advisory] http://support.avaya.com/elmodocs2/security/ASA-2006-200.htm

[Vendor Advisory] http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ee4bb818ae35f68d1f848eae0a7b150a38eb4168

[Third Party Advisory] http://www.debian.org/security/2006/dsa-1097

[Third Party Advisory] http://www.debian.org/security/2006/dsa-1103

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10945

[Third Party Advisory] http://secunia.com/advisories/19330

[Third Party Advisory] http://secunia.com/advisories/20671

[Third Party Advisory] http://secunia.com/advisories/20716

[Third Party Advisory] http://secunia.com/advisories/20914

[Third Party Advisory] http://secunia.com/advisories/21465

[Third Party Advisory] http://secunia.com/advisories/22417

[Third Party Advisory] http://www.vupen.com/english/advisories/2006/1046

[Third Party Advisory] http://www.vupen.com/english/advisories/2006/2554

Scores

EPSS 0.0009

EPSS Percentile 25.7%

Classification

CWE

CWE-189

Status draft

Affected Products (50)

linux/linux_kernel

... and 35 more

Timeline

Published Mar 22, 2006

Tracked Since Feb 18, 2026