Vulnerability Name:

CVE-2006-6535

Assigned:2006-12-14
Published:2006-12-14
Updated:2017-10-11
Summary:The dev_queue_xmit function in Linux kernel 2.6 can fail before calling the local_bh_disable function, which could lead to data corruption and "node lockups."
Note: it is not clear whether this issue is exploitable.
CVSS v3 Severity:9.1 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:9.4 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Complete
Availibility (A): Complete
9.4 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Complete
Availibility (A): Complete
Vulnerability Type:CWE-Other
References:Source: MITRE
Type: CNA
CVE-2006-6535

Source: CONFIRM
Type: UNKNOWN
http://linux.bkbits.net:8080/linux-2.6/gnupatch@4186e5bfgUOMBbA6xFaY0_z84kaURw

Source: REDHAT
Type: UNKNOWN
RHSA-2007:0014

Source: SECUNIA
Type: UNKNOWN
23997

Source: SECUNIA
Type: UNKNOWN
24206

Source: SECUNIA
Type: UNKNOWN
25683

Source: SECUNIA
Type: UNKNOWN
25714

Source: CONFIRM
Type: UNKNOWN
http://support.avaya.com/elmodocs2/security/ASA-2007-063.htm

Source: DEBIAN
Type: UNKNOWN
DSA-1304

Source: SUSE
Type: UNKNOWN
SUSE-SA:2007:035

Source: BID
Type: UNKNOWN
22317

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:11679

Vulnerable Configuration:Configuration 1:
  • cpe:/o:linux:linux_kernel:2.6.0:-:*:*:*:*:*:*

    • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:*

    • Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

    • Configuration RedHat 3:
  • cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

    • Configuration RedHat 4:
  • cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

    • Configuration RedHat 5:
  • cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20066535
    V
    		CVE-2006-6535
    2015-11-16
    oval:org.mitre.oval:def:11679
    V
    		The dev_queue_xmit function in Linux kernel 2.6 can fail before calling the local_bh_disable function, which could lead to data corruption and "node lockups." NOTE: it is not clear whether this issue is exploitable.
    2013-04-29
    oval:com.redhat.rhsa:def:20070014
    P
    		RHSA-2007:0014: kernel security update (Important)
    2008-03-20
    BACK
    linux linux kernel 2.6.0