Vulnerability Details : CVE-2006-5158
The nlmclnt_mark_reclaim function in clntlock.c in NFS lockd in the Linux kernel before 2.6.16 allows remote attackers to cause a denial of service (process crash) and deny access to NFS exports via unspecified vectors that trigger a kernel oops (null dereference) and a deadlock.
Vulnerability category: Denial of service
Threat overview for CVE-2006-5158
Top open port discovered on systems with this issue: 49153
IPs affected by CVE-2006-5158: 11,989
Threat actors abusing this issue? Yes
Powered by attack surface intelligence from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2006-5158
Probability of exploitation activity in the next 30 days: 7.35%
Percentile, the proportion of vulnerabilities that are scored at or less: ~94%
CVSS scores for CVE-2006-5158
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
3.3 | LOW | AV:A/AC:L/Au:N/C:N/I:N/A:P | 6.5 | 2.9 | NIST |
7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 | NIST |
CWE ids for CVE-2006-5158
- The product does not properly acquire or release a lock on a resource, leading to unexpected resource state changes and behaviors. Assigned by: nvd@nist.gov (Primary)
Vendor statements for CVE-2006-5158
- Red Hat, 2006-10-16: Red Hat is aware of this issue and is tracking it via the following bug for Red Hat Enterprise Linux 4: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=210128 This issue does not affect Red Hat Enterprise Linux 2.1 or 3.
References for CVE-2006-5158
- http://secunia.com/advisories/23752 (Broken Link; Vendor Advisory)
- http://www.mandriva.com/security/advisories?name=MDKSA-2007:012 (Patch; Third Party Advisory)
- http://marc.info/?l=linux-kernel&m=113494474208973&w=2 'Re: lockd: couldn't create RPC handle for (host)' - MARC (Mailing List; Patch)
- http://rhn.redhat.com/errata/RHSA-2007-0488.html RHSA-2007:0488 - Security Advisory - Red Hat Customer Portal (Third Party Advisory)
- http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=9b5b1f5bf9dcdb6f23abf65977a675eb4deba3c0
- http://marc.info/?l=linux-kernel&m=113476665626446&w=2 'lockd: couldn't create RPC handle for (host)' - MARC (Mailing List)
- http://www.ubuntu.com/usn/usn-395-1 USN-395-1: Linux kernel vulnerabilities | Ubuntu security notices | Ubuntu (Third Party Advisory)
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10128 (Broken Link)
- http://secunia.com/advisories/23384 (Broken Link; Vendor Advisory)
- http://www.securityfocus.com/bid/21581 (Broken Link; Third Party Advisory; VDB Entry)
- http://secunia.com/advisories/23361 (Broken Link; Vendor Advisory)
- http://support.avaya.com/elmodocs2/security/ASA-2007-287.htm ASA-2007-287 (RHSA-2007-0488) (Third Party Advisory)
- http://www.novell.com/linux/security/advisories/2006_57_kernel.html (Broken Link)
- http://secunia.com/advisories/26289 (Broken Link)
- http://secunia.com/advisories/25838 (Broken Link; Vendor Advisory)
- http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=9b5b1f5bf9dcdb6f23abf65977a675eb4deba3c0 (Broken Link)
Products affected by CVE-2006-5158
- cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_eus:4.5:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server:4.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_workstation:4.0:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:5.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*