CVE-2006-1524 | Vulnerability Database | Aqua Security

madvise_remove in Linux kernel 2.6.16 up to 2.6.16.6 does not follow file and mmap restrictions, which allows local users to bypass IPC permissions and replace portions of readonly tmpfs files with zeroes, aka the MADV_REMOVE vulnerability. NOTE: this description was originally written in a way that combined two separate issues. The mprotect issue now has a separate name, CVE-2006-2071.

Affected Software

Name	Vendor	Start Version	End Version
Linux_kernel	Linux	2.6.16 (including)	2.6.16 (including)
Linux_kernel	Linux	2.6.16.1 (including)	2.6.16.1 (including)
Linux_kernel	Linux	2.6.16.2 (including)	2.6.16.2 (including)
Linux_kernel	Linux	2.6.16.3 (including)	2.6.16.3 (including)
Linux_kernel	Linux	2.6.16.4 (including)	2.6.16.4 (including)
Linux_kernel	Linux	2.6.16.5 (including)	2.6.16.5 (including)
Linux_kernel	Linux	2.6.16.6 (including)	2.6.16.6 (including)

References

http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.6
http://lwn.net/Alerts/180820/
http://secunia.com/advisories/19657
http://secunia.com/advisories/19664
http://secunia.com/advisories/19735
http://secunia.com/advisories/20398
http://secunia.com/advisories/20671
http://secunia.com/advisories/20914
http://www.debian.org/security/2006/dsa-1097
http://www.debian.org/security/2006/dsa-1103
http://www.novell.com/linux/security/advisories/2006-05-31.html
http://www.osvdb.org/24714
http://www.securityfocus.com/bid/17587
http://www.vupen.com/english/advisories/2006/1391
http://www.vupen.com/english/advisories/2006/1475
http://www.vupen.com/english/advisories/2006/2554
https://exchange.xforce.ibmcloud.com/vulnerabilities/25870

NVD	https://nvd.nist.gov/vuln/detail/CVE-2006-1524
CWE	https://cwe.mitre.org/data/definitions/264.html