Vulnerability Description
Linux kernel does not properly save or restore EFLAGS during a context switch, or reset the flags when creating new threads, which allows local users to cause a denial of service (process crash), as demonstrated using a process that sets the Alignment Check flag (EFLAGS 0x40000), which triggers a SIGBUS in other processes that have an unaligned access.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | >= 2.4.0, <= 2.6.19 |
| Canonical | Ubuntu Linux | 5.10 |
References
- http://kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=
- http://secunia.com/advisories/23361Broken Link
- http://secunia.com/advisories/23384Broken Link
- http://secunia.com/advisories/23474Broken Link
- http://secunia.com/advisories/23593Broken Link
- http://secunia.com/advisories/25691Broken Link
- http://www.mandriva.com/security/advisories?name=MDKSA-2007:002Broken Link
- http://www.novell.com/linux/security/advisories/2006_79_kernel.htmlBroken Link
- http://www.securityfocus.com/archive/1/471457Third Party AdvisoryVDB Entry
- http://www.securityfocus.com/bid/21851Third Party AdvisoryVDB Entry
- http://www.ubuntu.com/usn/usn-395-1Third Party Advisory
- http://kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=
- http://secunia.com/advisories/23361Broken Link
- http://secunia.com/advisories/23384Broken Link
- http://secunia.com/advisories/23474Broken Link
FAQ
What is CVE-2006-5173?
CVE-2006-5173 is a vulnerability with a CVSS score of 2.1 (LOW). Linux kernel does not properly save or restore EFLAGS during a context switch, or reset the flags when creating new threads, which allows local users to cause a denial of service (process crash), as d...
How severe is CVE-2006-5173?
CVE-2006-5173 has been rated LOW with a CVSS base score of 2.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-5173?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel, Canonical Ubuntu Linux.