Contents of /retired/CVE-2006-1524

Candidate: CVE-2006-1524
References: 
 CONFIRM:http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.6
 BID:17587
 URL:http://www.securityfocus.com/bid/17587
 SECUNIA:19664
 URL:http://secunia.com/advisories/19664
 SECUNIA:19657
 URL:http://secunia.com/advisories/19657 
Description: 
 madvise_remove in Linux kernel 2.6.16 up to 2.6.16.6 does not follow
 file and mmap restrictions, which allows local users to bypass IPC
 permissions and replace portions of readonly tmpfs files with zeroes,
 aka the MADV_REMOVE vulnerability. NOTE: this description was
 originally written in a way that combined two separate issues. The
 mprotect issue now has a separate name, CVE-2006-2071.
Notes: 
Bugs: 
upstream: released (2.6.16.7)
linux-2.6:
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
2.4.19-woody-security: 
2.4.18-woody-security: 
2.4.17-woody-security: 
2.4.16-woody-security: 
2.4.17-woody-security-hppa: 
2.4.17-woody-security-ia64: 
1	Candidate: CVE-2006-1524
2	References:
3	CONFIRM:http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.6
4	BID:17587
5	URL:http://www.securityfocus.com/bid/17587
6	SECUNIA:19664
7	URL:http://secunia.com/advisories/19664
8	SECUNIA:19657
9	URL:http://secunia.com/advisories/19657
10	Description:
11	madvise_remove in Linux kernel 2.6.16 up to 2.6.16.6 does not follow
12	file and mmap restrictions, which allows local users to bypass IPC
13	permissions and replace portions of readonly tmpfs files with zeroes,
14	aka the MADV_REMOVE vulnerability. NOTE: this description was
15	originally written in a way that combined two separate issues. The
16	mprotect issue now has a separate name, CVE-2006-2071.
17	Notes:
18	Bugs:
19	upstream: released (2.6.16.7)
20	linux-2.6:
21	2.6.8-sarge-security: N/A
22	2.4.27-sarge-security: N/A
23	2.4.19-woody-security:
24	2.4.18-woody-security:
25	2.4.17-woody-security:
26	2.4.16-woody-security:
27	2.4.17-woody-security-hppa:
28	2.4.17-woody-security-ia64: