Vulnerability Description
Linux kernel before 2.6.16.5 does not properly handle uncanonical return addresses on Intel EM64T CPUs, which reports an exception in the SYSRET instead of the next instruction, which causes the kernel exception handler to run on the user stack with the wrong GS.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | 2.6.0 |
Related Weaknesses (CWE)
References
- http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.5
- http://lwn.net/Alerts/180820/
- http://secunia.com/advisories/19639Vendor Advisory
- http://secunia.com/advisories/19735Vendor Advisory
- http://secunia.com/advisories/20157Vendor Advisory
- http://secunia.com/advisories/20237Vendor Advisory
- http://secunia.com/advisories/20398
- http://secunia.com/advisories/20716Vendor Advisory
- http://secunia.com/advisories/20914Vendor Advisory
- http://secunia.com/advisories/21136Vendor Advisory
- http://secunia.com/advisories/21179Vendor Advisory
- http://secunia.com/advisories/21498Vendor Advisory
- http://secunia.com/advisories/21745Vendor Advisory
- http://secunia.com/advisories/21983Vendor Advisory
- http://support.avaya.com/elmodocs2/security/ASA-2006-161.htm
FAQ
What is CVE-2006-0744?
CVE-2006-0744 is a vulnerability with a CVSS score of 4.9 (MEDIUM). Linux kernel before 2.6.16.5 does not properly handle uncanonical return addresses on Intel EM64T CPUs, which reports an exception in the SYSRET instead of the next instruction, which causes the kerne...
How severe is CVE-2006-0744?
CVE-2006-0744 has been rated MEDIUM with a CVSS base score of 4.9/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-0744?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.