VYPR
← All advisories
Unrated severityNVD Advisory· Published Feb 11, 2006· Updated Jun 16, 2026

CVE-2006-0646

CVE-2006-0646

Description

ld in SUSE Linux 9.1 through 10.0, and SLES 9, in certain circumstances when linking binaries, can leave an empty RPATH or RUNPATH, which allows local attackers to execute arbitrary code as other users via by running an ld-linked application from the current directory, which could contain an attacker-controlled library file.

Affected products

13
  • SUSE S.A./Linux12 versions
    cpe:2.3:o:suse:suse_linux:10.0:*:professional:*:*:*:*:*+ 11 more
    • cpe:2.3:o:suse:suse_linux:10.0:*:professional:*:*:*:*:*
    • cpe:2.3:o:suse:suse_linux:9.0:*:enterprise_server:*:*:*:*:*
    • cpe:2.3:o:suse:suse_linux:9.1:*:personal:*:*:*:*:*
    • cpe:2.3:o:suse:suse_linux:9.1:*:professional:*:*:*:*:*
    • cpe:2.3:o:suse:suse_linux:9.1:*:x86_64:*:*:*:*:*
    • cpe:2.3:o:suse:suse_linux:9.2:*:personal:*:*:*:*:*
    • cpe:2.3:o:suse:suse_linux:9.2:*:professional:*:*:*:*:*
    • cpe:2.3:o:suse:suse_linux:9.2:*:x86_64:*:*:*:*:*
    • cpe:2.3:o:suse:suse_linux:9.3:*:personal:*:*:*:*:*
    • cpe:2.3:o:suse:suse_linux:9.3:*:professional:*:*:*:*:*
    • cpe:2.3:o:suse:suse_linux:9.3:*:x86_64:*:*:*:*:*
    • (no CPE)range: 9.1 - 10.0
  • SUSE S.A./SLESllm-fuzzy
    Range: 9

Patches

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

3

News mentions

0

No linked articles in our index yet.