CVE-2006-0095 — Vulnetix

Try Vulnetix Request Demo

CVE-2006-0095 PUBLISHED CVSS 2.0999999046325684 LOW

dm-crypt in Linux kernel 2.6.15 and earlier does not clear a structure before it is freed, which leads to a memory disclosure that could allow local users to obtain sensitive information about a cryptographic key.

EPSS 0.09% · 24.8th percentile

Risk Scores

CVSS v2.0

2.0999999046325684

EPSS Score

0.09%

24.8th percentile

Affected Products

Vendor	Product	Versions
linux	linux_kernel	2.6.15, 2.6.0, 2.6.1
n/a	n/a	n/a

Timeline

Jan 6, 2006 CVE Published
Feb 4, 2022 EPSS Score
Mar 28, 2022 EPSS Score
May 19, 2022 EPSS Score
Jul 10, 2022 EPSS Score
Sep 1, 2022 EPSS Score
Oct 23, 2022 EPSS Score
Dec 14, 2022 EPSS Score
Feb 4, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Mar 28, 2023 EPSS Score
May 19, 2023 EPSS Score

References

388 third-party-advisory
[linux-kernel] 20060104 [Patch 2.6] dm-crypt: Zero key material before free to avoid information leak mailing-list
19160 third-party-advisory
MDKSA-2006:040 vendor-advisory
2006-0004 vendor-advisory
16301 vdb
RHSA-2006:0132 vendor-advisory
1015740 vdb
18774 third-party-advisory
[linux-kernel] 20060104 [Patch 2.6] dm-crypt: zero key before freeing it mailing-list
FEDORA-2006-102 vendor-advisory
SUSE-SA:2006:028 vendor-advisory
FLSA:157459-4 vendor-advisory
22418 vdb
DSA-1017 vendor-advisory
20398 third-party-advisory
kernel-dmcrypt-information-disclosure(24189) vdb
USN-244-1 vendor-advisory
18527 third-party-advisory
ADV-2006-0235 vdb

…and 5 more

Open in Interactive Console →