CVE - CVE-2006-2936

CVE-ID
CVE-2006-2936	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
The ftdi_sio driver (usb/serial/ftdi_sio.c) in Linux kernel 2.6.x up to 2.6.17, and possibly later versions, allows local users to cause a denial of service (memory consumption) by writing more data to the serial port than the hardware can handle, which causes the data to be queued.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:19033 URL:http://www.securityfocus.com/bid/19033 MISC:20060717 rPSA-2006-0130-1 kernel URL:http://www.securityfocus.com/archive/1/440300/100/0/threaded MISC:20703 URL:http://secunia.com/advisories/20703 MISC:21057 URL:http://secunia.com/advisories/21057 MISC:21298 URL:http://secunia.com/advisories/21298 MISC:21605 URL:http://secunia.com/advisories/21605 MISC:21614 URL:http://secunia.com/advisories/21614 MISC:21934 URL:http://secunia.com/advisories/21934 MISC:22093 URL:http://secunia.com/advisories/22093 MISC:22174 URL:http://secunia.com/advisories/22174 MISC:24547 URL:http://secunia.com/advisories/24547 MISC:25226 URL:http://secunia.com/advisories/25226 MISC:25683 URL:http://secunia.com/advisories/25683 MISC:27119 URL:~~http://www.osvdb.org/27119~~ (Obsolete source) MISC:ADV-2006-2841 URL:~~http://www.vupen.com/english/advisories/2006/2841~~ (Obsolete source) MISC:DSA-1184 URL:http://www.debian.org/security/2006/dsa-1184 MISC:MDKSA-2006:150 URL:~~http://www.mandriva.com/security/advisories?name=MDKSA-2006:150~~ (Obsolete source) MISC:MDKSA-2006:151 URL:~~http://www.mandriva.com/security/advisories?name=MDKSA-2006:151~~ (Obsolete source) MISC:RHSA-2006:0617 URL:http://www.redhat.com/support/errata/RHSA-2006-0617.html MISC:SUSE-SA:2007:018 URL:http://www.novell.com/linux/security/advisories/2007_18_kernel.html MISC:SUSE-SA:2007:021 URL:http://www.novell.com/linux/security/advisories/2007_21_kernel.html MISC:SUSE-SA:2007:030 URL:http://www.novell.com/linux/security/advisories/2007_30_kernel.html MISC:SUSE-SA:2007:035 URL:http://www.novell.com/linux/security/advisories/2007_35_kernel.html MISC:USN-331-1 URL:http://www.ubuntu.com/usn/usn-331-1 MISC:USN-346-1 URL:http://www.ubuntu.com/usn/usn-346-1 MISC:http://support.avaya.com/elmodocs2/security/ASA-2006-203.htm URL:http://support.avaya.com/elmodocs2/security/ASA-2006-203.htm MISC:http://www.kernel.org/git/?p=linux/kernel/git/gregkh/patches.git%3Ba=blob%3Bh=4b4d9cfea17618b80d3ac785b701faeaf60141f1%3Bhb=396eb2aac550ec55856c6843ef9017e800c3d656 URL:http://www.kernel.org/git/?p=linux/kernel/git/gregkh/patches.git%3Ba=blob%3Bh=4b4d9cfea17618b80d3ac785b701faeaf60141f1%3Bhb=396eb2aac550ec55856c6843ef9017e800c3d656 MISC:https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=197610 URL:https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=197610 MISC:linux-ftdi-sio-dos(27807) URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/27807 MISC:oval:org.mitre.oval:def:10265 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10265
Assigning CNA
Red Hat, Inc.
Date Record Created
20060609	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20060609)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)

Use of the CVE™ List and the associated references from this website are subject to the terms of use. CVE is sponsored by the U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA). Copyright © 1999–2025, The MITRE Corporation. CVE is a trademark and the CVE logo is a registered trademark of The MITRE Corporation.