CVE-2006-0039
Summary
| CVE | CVE-2006-0039 |
|---|---|
| State | PUBLISHED |
| Assigner | redhat |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2006-05-19 22:02:00 UTC |
| Updated | 2025-04-03 01:03:51 UTC |
| Description | Race condition in the do_add_counters function in netfilter for Linux kernel 2.6.16 allows local users with CAP_NET_ADMIN capabilities to read kernel memory by triggering the race condition in a way that produces a size value that is inconsistent with allocated memory, which leads to a buffer over-read in IPT_ENTRY_ITERATE. |
Risk And Classification
Primary CVSS: v2.0 4.7 from [email protected]
AV:L/AC:H/Au:N/C:P/I:N/A:C
EPSS: 0.000650000 probability, percentile 0.200750000 (date 2026-04-20)
Problem Types: CWE-362 | n/a
CVSS v2.0 Breakdown
Access Vector
LocalAccess Complexity
HighAuthentication
NoneConfidentiality
PartialIntegrity
NoneAvailability
CompleteAV:L/AC:H/Au:N/C:P/I:N/A:C
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Operating System | Linux | Linux Kernel | 2.6.16 | All | All | All |
Vendor Declared Affected Products
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Secunia - Advisories - Ubuntu update for kernel | af854a3a-2127-422b-91ae-364da2661108 | secunia.com | |
| ASA-2006-249 (RHSA-2006-0689) | af854a3a-2127-422b-91ae-364da2661108 | support.avaya.com | |
| Linux Kernel Multiple Vulnerabilities - Advisories - Secunia | af854a3a-2127-422b-91ae-364da2661108 | secunia.com | |
| 404: File not found | af854a3a-2127-422b-91ae-364da2661108 | kernel.org | |
| rhn.redhat.com | Red Hat Support | af854a3a-2127-422b-91ae-364da2661108 | www.redhat.com | |
| usn/usn-311-1 - Ubuntu: Linux for human beings | af854a3a-2127-422b-91ae-364da2661108 | www.ubuntu.com | |
| kernel/git/torvalds/linux.git - Linux kernel source tree | af854a3a-2127-422b-91ae-364da2661108 | www.kernel.org | |
| Avaya Products Linux Kernel Multiple Vulnerabilities - Advisories - Secunia | af854a3a-2127-422b-91ae-364da2661108 | secunia.com | |
| Webmail - OVH | af854a3a-2127-422b-91ae-364da2661108 | www.vupen.com | |
| Debian -- Security Information -- DSA-1097-1 kernel-source-2.4.27 | af854a3a-2127-422b-91ae-364da2661108 | www.debian.org | |
| www.osvdb.org/25697 | af854a3a-2127-422b-91ae-364da2661108 | www.osvdb.org | |
| Red Hat update for kernel - Advisories - Secunia | af854a3a-2127-422b-91ae-364da2661108 | secunia.com | |
| Linux Kernel Netfilter Weakness and Two SCTP Vulnerabilities - Advisories - Secunia | af854a3a-2127-422b-91ae-364da2661108 | secunia.com | |
| Debian -- Security Information -- DSA-1103-1 kernel-source-2.6.8 | af854a3a-2127-422b-91ae-364da2661108 | www.debian.org | |
| 133465 – Kernel: netfilter do_add_counters race (CVE-2006-0039) | af854a3a-2127-422b-91ae-364da2661108 | bugs.gentoo.org | Patch |
| 191698 – CVE-2006-0039 netfilter do_add_counters race | af854a3a-2127-422b-91ae-364da2661108 | bugzilla.redhat.com | |
| Repository / Oval Repository | af854a3a-2127-422b-91ae-364da2661108 | oval.cisecurity.org | |
| Debian update for kernel-source-2.4.27 - Advisories - Secunia | af854a3a-2127-422b-91ae-364da2661108 | secunia.com | |
| Debian update for kernel-source-2.6.8 - Advisories - Secunia | af854a3a-2127-422b-91ae-364da2661108 | secunia.com | |
| Webmail - OVH | af854a3a-2127-422b-91ae-364da2661108 | www.vupen.com | |
| Linux Kernel Netfilter Do_Add_Counters Local Race Condition Vulnerability | af854a3a-2127-422b-91ae-364da2661108 | www.securityfocus.com | |
| IBM X-Force Exchange | af854a3a-2127-422b-91ae-364da2661108 | exchange.xforce.ibmcloud.com | |
| kernel/git/torvalds/linux.git - Linux kernel source tree | MITRE | www.kernel.org | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.