CVE-2006-3824

CVE-2006-3824 · MEDIUM Severity

AV:L/AC:L/AU:N/C:C/I:N/A:N

systeminfo.c for Sun Solaris allows local users to read kernel memory via a 0 variable count argument to the sysinfo system call, which causes a -1 argument to be used by the copyout function. NOTE: this issue has been referred to as an integer overflow, but it is probably more like a signedness error or integer underflow.

Learn more about our Cis Benchmark Audit For Oracle Solaris.