CVE

CVE-2006-4813

Date: (C)2006-10-12   (M)2023-12-22

The __block_prepare_write function in fs/buffer.c for Linux kernel 2.6.x before 2.6.13 does not properly clear buffers during certain error conditions, which allows local users to read portions of files that have been unlinked.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 2.1
Exploit Score: 3.9
Impact Score: 2.9
CVSS V2 Metrics:
Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality: PARTIAL
Integrity: NONE
Availability: NONE

Reference:

BID-21522

SECUNIA-23370

SECUNIA-23384

SECUNIA-23474

SECUNIA-23752

SECUNIA-23997

SECUNIA-24206

OSVDB-31376

DSA-1233

MDKSA-2007:012

MDKSA-2007:025

RHSA-2007:0014

SUSE-SA:2006:079

USN-395-1

http://support.avaya.com/elmodocs2/security/ASA-2007-063.htm

http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=152becd26e0563aefdbc4fd1fe491928efe92d1f

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=207463

oval:org.mitre.oval:def:11701