CVE-2006-5173

Name: CVE-2006-5173
Creator: NVD / NIST
Published: 2006-10-17T22:07:00+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 0.41%

Last modified Jun 16, 2026

CVE-2006-5173 is a vulnerability of currently unknown severity. Linux kernel does not properly save or restore EFLAGS during a context switch, or reset the flags when creating new threads, which allows local users to cause a denial of service (process crash), as demonstrated using a process that sets the Alignment Check flag (EFLAGS 0x40000), which triggers a SIGBUS in other processes that have an unaligned access.. EPSS estimates a 0.41% chance of exploitation in the next 30 days.

Description

Linux kernel does not properly save or restore EFLAGS during a context switch, or reset the flags when creating new threads, which allows local users to cause a denial of service (process crash), as demonstrated using a process that sets the Alignment Check flag (EFLAGS 0x40000), which triggers a SIGBUS in other processes that have an unaligned access.

Metrics

EPSS Probability

0.41%

32.9th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

Vendor	Product	Versions
Linux	Linux Kernel	>= 2.4.0, <= 2.6.19
Canonical	Ubuntu Linux	5.10
Canonical	Ubuntu Linux	6.06
Canonical	Ubuntu Linux	6.10

References

http://kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=47a5c6fa0e204a2b63309c648bb2fde36836c826
http://secunia.com/advisories/23361Broken Link
http://secunia.com/advisories/23384Broken Link
http://secunia.com/advisories/23474Broken Link
http://secunia.com/advisories/23593Broken Link
http://secunia.com/advisories/25691Broken Link
http://www.mandriva.com/security/advisories?name=MDKSA-2007:002Broken Link
http://www.novell.com/linux/security/advisories/2006_79_kernel.htmlBroken Link
http://www.securityfocus.com/archive/1/471457Third Party Advisory, VDB Entry
http://www.securityfocus.com/bid/21851Third Party Advisory, VDB Entry
http://www.ubuntu.com/usn/usn-395-1Third Party Advisory
http://kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=47a5c6fa0e204a2b63309c648bb2fde36836c826
http://secunia.com/advisories/23361Broken Link
http://secunia.com/advisories/23384Broken Link
http://secunia.com/advisories/23474Broken Link
http://secunia.com/advisories/23593Broken Link
http://secunia.com/advisories/25691Broken Link
http://www.mandriva.com/security/advisories?name=MDKSA-2007:002Broken Link
http://www.novell.com/linux/security/advisories/2006_79_kernel.htmlBroken Link
http://www.securityfocus.com/archive/1/471457Third Party Advisory, VDB Entry
http://www.securityfocus.com/bid/21851Third Party Advisory, VDB Entry
http://www.ubuntu.com/usn/usn-395-1Third Party Advisory

Timeline

Published: Oct 17, 2006
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2006-5173?

How severe is CVE-2006-5173?

Severity scoring for CVE-2006-5173 is pending analysis. The EPSS model estimates a 0.41% probability of exploitation in the next 30 days.

How do I fix CVE-2006-5173?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2006-5173?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST