| Name | CVE-2007-6206 |
| Description | The do_coredump function in fs/exec.c in Linux kernel 2.4.x and 2.6.x up to 2.6.24-rc3, and possibly other versions, does not change the UID of a core dump file if it exists before a root process creates a core dump in the same location, which might allow local users to obtain sensitive information. |
| Source | CVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, GitHub code/issues, web search, more) |
| References | DSA-1436-1, DSA-1503-1, DSA-1503-2, DSA-1504-1 |
| NVD severity | low (attack range: local) |
The information below is based on the following data on fixed versions.
| Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs |
|---|---|---|---|---|---|---|
| fai-kernels | source | etch | 1.17+etch.13etch6 | low | DSA-1436-1 | |
| fai-kernels | source | sarge | 1.9.1sarge8 | low | DSA-1504-1 | |
| hostap-modules-i386 | source | sarge | 1:0.3.7-1sarge3 | low | DSA-1503-1 | |
| i2c | source | sarge | 1:2.9.1-1sarge2 | low | DSA-1503-1 | |
| kernel-image-2.4.27-alpha | source | sarge | 2.4.27-10sarge6 | low | DSA-1503-1 | |
| kernel-image-2.4.27-arm | source | sarge | 2.4.27-2sarge6 | low | DSA-1503-1 | |
| kernel-image-2.4.27-i386 | source | sarge | 2.4.27-10sarge6 | low | DSA-1503-1 | |
| kernel-image-2.4.27-ia64 | source | sarge | 2.4.27-10sarge6 | low | DSA-1503-1 | |
| kernel-image-2.4.27-m68k | source | sarge | 2.4.27-3sarge6 | low | DSA-1503-1 | |
| kernel-image-2.4.27-s390 | source | sarge | 2.4.27-2sarge6 | low | DSA-1503-1 | |
| kernel-image-2.4.27-sparc | source | sarge | 2.4.27-9sarge6 | low | DSA-1503-1 | |
| kernel-image-2.6.8-alpha | source | sarge | 2.6.8-17sarge1 | low | DSA-1504-1 | |
| kernel-image-2.6.8-amd64 | source | sarge | 2.6.8-17sarge1 | low | DSA-1504-1 | |
| kernel-image-2.6.8-hppa | source | sarge | 2.6.8-7sarge1 | low | DSA-1504-1 | |
| kernel-image-2.6.8-i386 | source | sarge | 2.6.8-17sarge1 | low | DSA-1504-1 | |
| kernel-image-2.6.8-ia64 | source | sarge | 2.6.8-15sarge1 | low | DSA-1504-1 | |
| kernel-image-2.6.8-m68k | source | sarge | 2.6.8-5sarge1 | low | DSA-1504-1 | |
| kernel-image-2.6.8-s390 | source | sarge | 2.6.8-6sarge1 | low | DSA-1504-1 | |
| kernel-image-2.6.8-sparc | source | sarge | 2.6.8-16sarge1 | low | DSA-1504-1 | |
| kernel-image-speakup-i386 | source | sarge | 2.4.27-1.1sarge5 | low | DSA-1503-1 | |
| kernel-latest-2.4-alpha | source | sarge | 101sarge3 | low | DSA-1503-1 | |
| kernel-latest-2.4-i386 | source | sarge | 101sarge2 | low | DSA-1503-1 | |
| kernel-latest-2.4-s390 | source | sarge | 2.4.27-1sarge2 | low | DSA-1503-1 | |
| kernel-latest-2.4-sparc | source | sarge | 42sarge3 | low | DSA-1503-1 | |
| kernel-patch-2.4.27-mips | source | sarge | 2.4.27-10.sarge4.040815-3 | low | DSA-1503-1 | |
| kernel-patch-powerpc-2.4.27 | source | sarge | 2.4.27-10sarge6 | low | DSA-1503-1 | |
| kernel-patch-powerpc-2.6.8 | source | sarge | 2.6.8-13sarge1 | low | DSA-1504-1 | |
| kernel-source-2.4.27 | source | sarge | 2.4.27-10sarge7 | low | DSA-1503-2 | |
| kernel-source-2.6.8 | source | sarge | 2.6.8-17sarge1 | low | DSA-1504-1 | |
| linux-2.6 | source | (unstable) | 2.6.24-1 | low | ||
| linux-2.6 | source | etch | 2.6.18.dfsg.1-13etch6 | low | DSA-1436-1 | |
| linux-2.6.24 | source | (unstable) | (not affected) | |||
| mindi-kernel | source | sarge | 2.4.27-2sarge5 | low | DSA-1503-1 | |
| pcmcia-modules-2.4.27-i386 | source | sarge | 3.2.5+2sarge2 | low | DSA-1503-1 | |
| systemimager | source | sarge | 3.2.3-6sarge5 | low | DSA-1503-1 | |
| user-mode-linux | source | etch | 2.6.18-1um-2etch.13etch6 | low | DSA-1436-1 |
- linux-2.6.24 <not-affected> (Fixed before initial upload, upstream in 2.6.24)