CVE-2006-5218

Name: CVE-2006-5218
Creator: NVD / NIST
Published: 2006-10-10T04:06:00+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 0.41%

Last modified Jun 16, 2026

CVE-2006-5218 is a vulnerability of currently unknown severity. Integer overflow in the systrace_preprepl function (STRIOCREPLACE) in systrace in OpenBSD 3.9 and NetBSD 3 allows local users to cause a denial of service (crash), gain privileges, or read arbitrary kernel memory via large numeric arguments to the systrace ioctl.. EPSS estimates a 0.41% chance of exploitation in the next 30 days.

Description

Integer overflow in the systrace_preprepl function (STRIOCREPLACE) in systrace in OpenBSD 3.9 and NetBSD 3 allows local users to cause a denial of service (crash), gain privileges, or read arbitrary kernel memory via large numeric arguments to the systrace ioctl.

Metrics

EPSS Probability

0.41%

32.6th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

Vendor	Product	Versions
Netbsd	Netbsd	3.0
Openbsd	Openbsd	3.8
Openbsd	Openbsd	3.9

References

http://openbsd.org/errata.html#systracePatch
http://scary.beasts.org/security/CESA-2006-003.htmlExploit
http://secunia.com/advisories/22324Patch, Vendor Advisory
http://securitytracker.com/id?1017009Patch
http://www.osvdb.org/29570
http://www.securityfocus.com/bid/20392Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/29392
http://openbsd.org/errata.html#systracePatch
http://scary.beasts.org/security/CESA-2006-003.htmlExploit
http://secunia.com/advisories/22324Patch, Vendor Advisory
http://securitytracker.com/id?1017009Patch
http://www.osvdb.org/29570
http://www.securityfocus.com/bid/20392Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/29392

Timeline

Published: Oct 10, 2006
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2006-5218?

How severe is CVE-2006-5218?

Severity scoring for CVE-2006-5218 is pending analysis. The EPSS model estimates a 0.41% probability of exploitation in the next 30 days.

How do I fix CVE-2006-5218?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2006-5218?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST