Vulnerability Description
Multiple buffer overflows in the cmtp_recv_interopmsg function in the Bluetooth driver (net/bluetooth/cmtp/capi.c) in the Linux kernel 2.4.22 up to 2.4.33.4 and 2.6.2 before 2.6.18.6, and 2.6.19.x, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via CAPI messages with a large value for the length of the (1) manu (manufacturer) or (2) serial (serial number) field.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | 2.4.22 |
References
- http://kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.33.5 (Patch)
- http://marc.info/?l=linux-kernel&m=116614741607528&w=2
- http://marc.info/?l=linux-kernel&m=116648929829440&w=2
- http://rhn.redhat.com/errata/RHSA-2007-0014.html
- http://secunia.com/advisories/23408 (Patch, Vendor Advisory)
- http://secunia.com/advisories/23427 (Patch, Vendor Advisory)
- http://secunia.com/advisories/23593
- http://secunia.com/advisories/23609 (Vendor Advisory)
- http://secunia.com/advisories/23752 (Vendor Advisory)
- http://secunia.com/advisories/23997 (Vendor Advisory)
- http://secunia.com/advisories/24098 (Vendor Advisory)
- http://secunia.com/advisories/24105 (Vendor Advisory)
- http://secunia.com/advisories/24206 (Vendor Advisory)
- http://secunia.com/advisories/24547 (Vendor Advisory)
- http://secunia.com/advisories/25226 (Vendor Advisory)
FAQ
What is CVE-2006-6106?
CVE-2006-6106 is a vulnerability with a CVSS score of 7.5 (HIGH). Multiple buffer overflows in the cmtp_recv_interopmsg function in the Bluetooth driver (net/bluetooth/cmtp/capi.c) in the Linux kernel 2.4.22 up to 2.4.33.4 and 2.6.2 before 2.6.18.6, and 2.6.19.x, al...
How severe is CVE-2006-6106?
CVE-2006-6106 has been rated HIGH with a CVSS base score of 7.5/10.
Is there a patch for CVE-2006-6106?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.