CVE-2006-5757

Linux Kernel - Denial of Service

Title source: rule

Description

Race condition in the __find_get_block_slow function in the ISO9660 filesystem in Linux 2.6.18 and possibly other versions allows local users to cause a denial of service (infinite loop) by mounting a crafted ISO9660 filesystem containing malformed data structures.

Exploits (1)

exploitdb WRITEUP VERIFIED

by LMH · textdoslinux

https://www.exploit-db.com/exploits/28912

View Code ZIP pw:eip

References (23)

Core 23

Core References

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/24098

Vendor Advisory vendor-advisory x_refsource_suse

http://www.novell.com/linux/security/advisories/2006_79_kernel.html

Exploit vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/20920

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/30029

Third Party Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2006/4359

Vendor Advisory vendor-advisory x_refsource_redhat

http://rhn.redhat.com/errata/RHSA-2007-0014.html

Vendor Advisory vendor-advisory x_refsource_mandriva

http://www.mandriva.com/security/advisories?name=MDKSA-2007:012

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/23593

Vendor Advisory x_refsource_confirm

http://support.avaya.com/elmodocs2/security/ASA-2007-063.htm

Vendor Advisory vendor-advisory x_refsource_ubuntu

http://www.ubuntu.com/usn/usn-416-1

Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10111

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/23752

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/24206

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/23474

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/22746

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/23997

Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq

http://www.securityfocus.com/archive/1/471457

Vendor Advisory vendor-advisory x_refsource_mandriva

http://www.mandriva.com/security/advisories?name=MDKSA-2007:002

Third Party Advisory vendor-advisory x_refsource_debian

http://www.debian.org/security/2007/dsa-1304

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/25714

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/25691

Patch, Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/22702

Various Sources x_refsource_misc

http://projects.info-pull.com/mokb/MOKB-05-11-2006.html

Scores

EPSS 0.0140

EPSS Percentile 80.5%

Details

CWE

CWE-17 CWE-399

Status published

Products (26)

linux/linux_kernel 2.6.0 test1 (11 CPE variants)

linux/linux_kernel 2.6.1 (3 CPE variants)

linux/linux_kernel 2.6.2

linux/linux_kernel 2.6.3

linux/linux_kernel 2.6.4

linux/linux_kernel 2.6.5

linux/linux_kernel 2.6.6 (2 CPE variants)

linux/linux_kernel 2.6.7 (2 CPE variants)

linux/linux_kernel 2.6.8 (4 CPE variants)

linux/linux_kernel 2.6.9 2.6.20

... and 16 more

Published Nov 06, 2006

Tracked Since Feb 18, 2026