CVE - CVE-2006-6013

CVE-ID
CVE-2006-6013	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
Integer signedness error in the fw_ioctl (FW_IOCTL) function in the FireWire (IEEE-1394) drivers (dev/firewire/fwdev.c) in various BSD kernels, including DragonFlyBSD, FreeBSD 5.5, MidnightBSD 0.1-CURRENT before 20061115, NetBSD-current before 20061116, NetBSD-4 before 20061203, and TrustedBSD, allows local users to read arbitrary memory contents via certain negative values of crom_buf->len in an FW_GCROM command. NOTE: this issue has been labeled as an integer overflow, but it is more like an integer signedness error.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
BID:21089 URL:http://www.securityfocus.com/bid/21089 BUGTRAQ:20061115 DragonFlyBSD all versions FireWire IOCTL kernel integer overflow information disclousure URL:http://www.securityfocus.com/archive/1/451677/100/0/threaded BUGTRAQ:20061115 FreeBSD all versions FireWire IOCTL kernel integer overflow information disclousure URL:http://www.securityfocus.com/archive/1/451629/100/0/threaded BUGTRAQ:20061115 NetBSD all versions FireWire IOCTL kernel integer overflow information disclousure URL:http://www.securityfocus.com/archive/1/451637/100/0/threaded BUGTRAQ:20061115 TrustedBSD* all versions FireWire IOCTL kernel integer overflow information disclousure URL:http://www.securityfocus.com/archive/1/451698/100/0/threaded BUGTRAQ:20061116 Re: FreeBSD all versions FireWire IOCTL kernel integer overflow information disclousure URL:http://www.securityfocus.com/archive/1/451861/100/0/threaded BUGTRAQ:20061120 RE: FreeBSD all versions FireWire IOCTL kernel integer overflow information disclousure URL:http://www.securityfocus.com/archive/1/452124/100/0/threaded BUGTRAQ:20061121 Clarifying integer overflows vs. signedness errors URL:http://www.securityfocus.com/archive/1/452264/100/0/threaded BUGTRAQ:20061122 Re: Clarifying integer overflows vs. signedness errors URL:http://www.securityfocus.com/archive/1/452331/100/0/threaded CONFIRM:http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/dev/ieee1394/fwdev.c FREEBSD:FreeBSD-SA-06:25 URL:http://security.freebsd.org/advisories/FreeBSD-SA-06:25.kmem.asc FULLDISC:20061115 NetBSD all versions FireWire IOCTL kernel integer overflow information disclousure URL:http://archives.neohapsis.com/archives/fulldisclosure/2006-11/0261.html MISC:http://www.dragonflybsd.org/cvsweb/src/sys/bus/firewire/fwdev.c MISC:http://www.kernelhacking.com/bsdadv1.txt MLIST:[tech-security] 20061116 Re: [Full-disclosure] NetBSD all versions FireWire IOCTL kernel integer overflow information disclousure URL:http://mail-index.netbsd.org/tech-security/2006/11/16/0001.html MLIST:[tech-security] 20061214 NetBSD Security Note 20061214-1: Kernel memory leakage in firewire interface URL:http://mail-index.netbsd.org/tech-security/2006/12/14/0002.html SECTRACK:1017344 URL:http://securitytracker.com/id?1017344 SECUNIA:22917 URL:http://secunia.com/advisories/22917 XF:freebsd-fwdev-integer-overflow(30347) URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/30347
Assigning CNA
MITRE Corporation
Date Record Created
20061121	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20061121)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)