CVE-2006-6106

Multiple buffer overflows in the cmtp_recv_interopmsg function in the Bluetooth driver (net/bluetooth/cmtp/capi.c) in the Linux kernel 2.4.22 up to 2.4.33.4 and 2.6.2 before 2.6.18.6, and 2.6.19.x, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via CAPI messages with a large value for the length of the (1) manu (manufacturer) or (2) serial (serial number) field.

Published: 2006-12-19
Last update: 2026-04-23
Assigner: [email protected]
Source: [email protected]

Conclusion & alert: CVE-2006-6106 is rated Moderate Risk (60.6/100): CVSS High severity, with medium exploitation likelihood (EPSS 3.55%). Mandatory action: Review affected assets and schedule remediation.

Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.

Exploit prediction scoring system (EPSS) score for CVE-2006-6106

EPSS lead: The daily EPSS score estimates the relative likelihood of exploitation; the percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).

# Date Old EPSS score New EPSS score Delta (New - Old)
1 2025-12-24 3.51% 3.55% +0.04%
2 2025-08-07 3.38% 3.51% +0.13%
3 2025-04-26 3.38%

Full EPSS history (13 records total)

Common vulnerability scoring system (CVSS) metrics for CVE-2006-6106

CVSS metrics for this CVE.

Base score Version Severity Vector Exploitability Impact Score source
7.5 2.0 HIGH AV:N/AC:L/Au:N/C:P/I:P/A:P 10.0 6.4 [email protected]

Vector breakdown:

  • Access vector (AV:N): Can be exploited remotely over network reachability.
  • Access complexity (AC:L): Exploitation conditions are straightforward and predictable.
  • Authentication (Au:N): No authentication is required.
  • Confidentiality impact (C:P): Partial confidentiality impact.
  • Integrity impact (I:P): Partial integrity impact.
  • Availability impact (A:P): Partial availability impact.

Weakness enumeration for CVE-2006-6106

OS Trackers for CVE-2006-6106

vendor priority summary link
alpine CVE-2006-6106: no source package rows; 0 state rows across 0 repos (none); fixed 0, open 0. https://security.alpinelinux.org/vuln/CVE-2006-6106
redhat medium https://access.redhat.com/security/cve/CVE-2006-6106
ubuntu medium CVE-2006-6106 medium priority: Ubuntu including 3 source packages (linux-source-2.6.15, linux-source-2.6.17, linux-source-2.6.20), 12 status rows across 4 suites (dapper, edgy, feisty, upstream): DNE 6, needs-triage 3, released 2, not-affected 1. https://ubuntu.com/security/CVE-2006-6106

Vendor comments (NVD) for CVE-2006-6106

  • Red Hat (2007-03-14T00:00:00)

    Red Hat is aware of this issue and is tracking it for Red Hat Enterprise Linux 4 via the following bug: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=218602 This issue does not affect the version of the Linux kernel shipped with Red Hat Enterprise Linux 2.1 or 3. Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.

Affected software / configurations for CVE-2006-6106

Vendor Product Version Raw CPE
linux linux_kernel 2.4.22 cpe:2.3:o:linux:linux_kernel:2.4.22:*:*:*:*:*:*:*
linux linux_kernel 2.4.23 cpe:2.3:o:linux:linux_kernel:2.4.23:*:*:*:*:*:*:*
linux linux_kernel 2.4.24 cpe:2.3:o:linux:linux_kernel:2.4.24:*:*:*:*:*:*:*
linux linux_kernel 2.4.25 cpe:2.3:o:linux:linux_kernel:2.4.25:*:*:*:*:*:*:*
linux linux_kernel 2.4.26 cpe:2.3:o:linux:linux_kernel:2.4.26:*:*:*:*:*:*:*
linux linux_kernel 2.4.27 cpe:2.3:o:linux:linux_kernel:2.4.27:*:*:*:*:*:*:*
linux linux_kernel 2.4.28 cpe:2.3:o:linux:linux_kernel:2.4.28:*:*:*:*:*:*:*
linux linux_kernel 2.4.29 cpe:2.3:o:linux:linux_kernel:2.4.29:*:*:*:*:*:*:*
linux linux_kernel 2.4.30 cpe:2.3:o:linux:linux_kernel:2.4.30:*:*:*:*:*:*:*
linux linux_kernel 2.4.31 cpe:2.3:o:linux:linux_kernel:2.4.31:*:*:*:*:*:*:*
linux linux_kernel 2.4.32 cpe:2.3:o:linux:linux_kernel:2.4.32:*:*:*:*:*:*:*
linux linux_kernel 2.4.33 cpe:2.3:o:linux:linux_kernel:2.4.33:*:*:*:*:*:*:*
linux linux_kernel 2.4.33.1 cpe:2.3:o:linux:linux_kernel:2.4.33.1:*:*:*:*:*:*:*
linux linux_kernel 2.4.33.2 cpe:2.3:o:linux:linux_kernel:2.4.33.2:*:*:*:*:*:*:*
linux linux_kernel 2.4.33.3 cpe:2.3:o:linux:linux_kernel:2.4.33.3:*:*:*:*:*:*:*
linux linux_kernel 2.4.33.4 cpe:2.3:o:linux:linux_kernel:2.4.33.4:*:*:*:*:*:*:*
linux linux_kernel 2.6.2 cpe:2.3:o:linux:linux_kernel:2.6.2:*:*:*:*:*:*:*
linux linux_kernel 2.6.2 cpe:2.3:o:linux:linux_kernel:2.6.2:rc1:*:*:*:*:*:*
linux linux_kernel 2.6.2 cpe:2.3:o:linux:linux_kernel:2.6.2:rc2:*:*:*:*:*:*
linux linux_kernel 2.6.2 cpe:2.3:o:linux:linux_kernel:2.6.2:rc3:*:*:*:*:*:*
linux linux_kernel 2.6.3 cpe:2.3:o:linux:linux_kernel:2.6.3:*:*:*:*:*:*:*
linux linux_kernel 2.6.3 cpe:2.3:o:linux:linux_kernel:2.6.3:rc1:*:*:*:*:*:*
linux linux_kernel 2.6.3 cpe:2.3:o:linux:linux_kernel:2.6.3:rc2:*:*:*:*:*:*
linux linux_kernel 2.6.3 cpe:2.3:o:linux:linux_kernel:2.6.3:rc3:*:*:*:*:*:*
linux linux_kernel 2.6.3 cpe:2.3:o:linux:linux_kernel:2.6.3:rc4:*:*:*:*:*:*
linux linux_kernel 2.6.4 cpe:2.3:o:linux:linux_kernel:2.6.4:*:*:*:*:*:*:*
linux linux_kernel 2.6.4 cpe:2.3:o:linux:linux_kernel:2.6.4:rc1:*:*:*:*:*:*
linux linux_kernel 2.6.4 cpe:2.3:o:linux:linux_kernel:2.6.4:rc2:*:*:*:*:*:*
linux linux_kernel 2.6.4 cpe:2.3:o:linux:linux_kernel:2.6.4:rc3:*:*:*:*:*:*
linux linux_kernel 2.6.5 cpe:2.3:o:linux:linux_kernel:2.6.5:*:*:*:*:*:*:*
linux linux_kernel 2.6.5 cpe:2.3:o:linux:linux_kernel:2.6.5:rc1:*:*:*:*:*:*
linux linux_kernel 2.6.5 cpe:2.3:o:linux:linux_kernel:2.6.5:rc2:*:*:*:*:*:*
linux linux_kernel 2.6.5 cpe:2.3:o:linux:linux_kernel:2.6.5:rc3:*:*:*:*:*:*
linux linux_kernel 2.6.6 cpe:2.3:o:linux:linux_kernel:2.6.6:*:*:*:*:*:*:*
linux linux_kernel 2.6.6 cpe:2.3:o:linux:linux_kernel:2.6.6:rc1:*:*:*:*:*:*
linux linux_kernel 2.6.6 cpe:2.3:o:linux:linux_kernel:2.6.6:rc2:*:*:*:*:*:*
linux linux_kernel 2.6.6 cpe:2.3:o:linux:linux_kernel:2.6.6:rc3:*:*:*:*:*:*
linux linux_kernel 2.6.7 cpe:2.3:o:linux:linux_kernel:2.6.7:*:*:*:*:*:*:*
linux linux_kernel 2.6.7 cpe:2.3:o:linux:linux_kernel:2.6.7:rc1:*:*:*:*:*:*
linux linux_kernel 2.6.7 cpe:2.3:o:linux:linux_kernel:2.6.7:rc2:*:*:*:*:*:*
linux linux_kernel 2.6.7 cpe:2.3:o:linux:linux_kernel:2.6.7:rc3:*:*:*:*:*:*
linux linux_kernel 2.6.8 cpe:2.3:o:linux:linux_kernel:2.6.8:*:*:*:*:*:*:*
linux linux_kernel 2.6.8 cpe:2.3:o:linux:linux_kernel:2.6.8:rc1:*:*:*:*:*:*
linux linux_kernel 2.6.8 cpe:2.3:o:linux:linux_kernel:2.6.8:rc2:*:*:*:*:*:*
linux linux_kernel 2.6.8 cpe:2.3:o:linux:linux_kernel:2.6.8:rc3:*:*:*:*:*:*
linux linux_kernel 2.6.8 cpe:2.3:o:linux:linux_kernel:2.6.8:rc4:*:*:*:*:*:*
linux linux_kernel 2.6.8.1 cpe:2.3:o:linux:linux_kernel:2.6.8.1:*:*:*:*:*:*:*
linux linux_kernel 2.6.9 cpe:2.3:o:linux:linux_kernel:2.6.9:*:*:*:*:*:*:*
linux linux_kernel 2.6.9 cpe:2.3:o:linux:linux_kernel:2.6.9:rc1:*:*:*:*:*:*
linux linux_kernel 2.6.9 cpe:2.3:o:linux:linux_kernel:2.6.9:rc2:*:*:*:*:*:*
linux linux_kernel 2.6.9 cpe:2.3:o:linux:linux_kernel:2.6.9:rc3:*:*:*:*:*:*
linux linux_kernel 2.6.9 cpe:2.3:o:linux:linux_kernel:2.6.9:rc4:*:*:*:*:*:*
linux linux_kernel 2.6.10 cpe:2.3:o:linux:linux_kernel:2.6.10:*:*:*:*:*:*:*
linux linux_kernel 2.6.10 cpe:2.3:o:linux:linux_kernel:2.6.10:rc1:*:*:*:*:*:*
linux linux_kernel 2.6.10 cpe:2.3:o:linux:linux_kernel:2.6.10:rc2:*:*:*:*:*:*
linux linux_kernel 2.6.10 cpe:2.3:o:linux:linux_kernel:2.6.10:rc3:*:*:*:*:*:*
linux linux_kernel 2.6.11 cpe:2.3:o:linux:linux_kernel:2.6.11:*:*:*:*:*:*:*
linux linux_kernel 2.6.11 cpe:2.3:o:linux:linux_kernel:2.6.11:rc1:*:*:*:*:*:*
linux linux_kernel 2.6.11 cpe:2.3:o:linux:linux_kernel:2.6.11:rc2:*:*:*:*:*:*
linux linux_kernel 2.6.11 cpe:2.3:o:linux:linux_kernel:2.6.11:rc3:*:*:*:*:*:*
linux linux_kernel 2.6.11 cpe:2.3:o:linux:linux_kernel:2.6.11:rc4:*:*:*:*:*:*
linux linux_kernel 2.6.11 cpe:2.3:o:linux:linux_kernel:2.6.11:rc5:*:*:*:*:*:*
linux linux_kernel 2.6.11.1 cpe:2.3:o:linux:linux_kernel:2.6.11.1:*:*:*:*:*:*:*
linux linux_kernel 2.6.11.2 cpe:2.3:o:linux:linux_kernel:2.6.11.2:*:*:*:*:*:*:*
linux linux_kernel 2.6.11.3 cpe:2.3:o:linux:linux_kernel:2.6.11.3:*:*:*:*:*:*:*
linux linux_kernel 2.6.11.4 cpe:2.3:o:linux:linux_kernel:2.6.11.4:*:*:*:*:*:*:*
linux linux_kernel 2.6.11.5 cpe:2.3:o:linux:linux_kernel:2.6.11.5:*:*:*:*:*:*:*
linux linux_kernel 2.6.11.6 cpe:2.3:o:linux:linux_kernel:2.6.11.6:*:*:*:*:*:*:*
linux linux_kernel 2.6.11.7 cpe:2.3:o:linux:linux_kernel:2.6.11.7:*:*:*:*:*:*:*
linux linux_kernel 2.6.11.8 cpe:2.3:o:linux:linux_kernel:2.6.11.8:*:*:*:*:*:*:*
linux linux_kernel 2.6.11.9 cpe:2.3:o:linux:linux_kernel:2.6.11.9:*:*:*:*:*:*:*
linux linux_kernel 2.6.11.10 cpe:2.3:o:linux:linux_kernel:2.6.11.10:*:*:*:*:*:*:*
linux linux_kernel 2.6.11.11 cpe:2.3:o:linux:linux_kernel:2.6.11.11:*:*:*:*:*:*:*
linux linux_kernel 2.6.11.12 cpe:2.3:o:linux:linux_kernel:2.6.11.12:*:*:*:*:*:*:*
linux linux_kernel 2.6.12 cpe:2.3:o:linux:linux_kernel:2.6.12:*:*:*:*:*:*:*
linux linux_kernel 2.6.12 cpe:2.3:o:linux:linux_kernel:2.6.12:rc1:*:*:*:*:*:*
linux linux_kernel 2.6.12 cpe:2.3:o:linux:linux_kernel:2.6.12:rc2:*:*:*:*:*:*
linux linux_kernel 2.6.12 cpe:2.3:o:linux:linux_kernel:2.6.12:rc3:*:*:*:*:*:*
linux linux_kernel 2.6.12 cpe:2.3:o:linux:linux_kernel:2.6.12:rc4:*:*:*:*:*:*
linux linux_kernel 2.6.12 cpe:2.3:o:linux:linux_kernel:2.6.12:rc5:*:*:*:*:*:*

References for CVE-2006-6106

URL Tags
http://kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.33.5 Patch
http://marc.info/?l=linux-kernel&m=116614741607528&w=2
http://marc.info/?l=linux-kernel&m=116648929829440&w=2
http://rhn.redhat.com/errata/RHSA-2007-0014.html
http://secunia.com/advisories/23408 Patch Vendor Advisory
http://secunia.com/advisories/23427 Patch Vendor Advisory
http://secunia.com/advisories/23593
http://secunia.com/advisories/23609 Vendor Advisory
http://secunia.com/advisories/23752 Vendor Advisory
http://secunia.com/advisories/23997 Vendor Advisory
http://secunia.com/advisories/24098 Vendor Advisory
http://secunia.com/advisories/24105 Vendor Advisory
http://secunia.com/advisories/24206 Vendor Advisory
http://secunia.com/advisories/24547 Vendor Advisory
http://secunia.com/advisories/25226 Vendor Advisory
http://secunia.com/advisories/25683 Vendor Advisory
http://secunia.com/advisories/25691 Vendor Advisory
http://secunia.com/advisories/25714 Vendor Advisory
http://secunia.com/advisories/27227 Vendor Advisory
http://secunia.com/advisories/29058 Vendor Advisory
http://support.avaya.com/elmodocs2/security/ASA-2007-063.htm
http://www.debian.org/security/2007/dsa-1304
http://www.debian.org/security/2008/dsa-1503
http://www.mandriva.com/security/advisories?name=MDKSA-2007:002
http://www.mandriva.com/security/advisories?name=MDKSA-2007:012
http://www.mandriva.com/security/advisories?name=MDKSA-2007:025
http://www.novell.com/linux/security/advisories/2007_18_kernel.html
http://www.novell.com/linux/security/advisories/2007_21_kernel.html
http://www.novell.com/linux/security/advisories/2007_30_kernel.html
http://www.novell.com/linux/security/advisories/2007_35_kernel.html
http://www.novell.com/linux/security/advisories/2007_53_kernel.html
http://www.securityfocus.com/archive/1/459615/100/0/threaded
http://www.securityfocus.com/archive/1/471457
http://www.securityfocus.com/bid/21604
http://www.trustix.org/errata/2007/0002/
http://www.ubuntu.com/usn/usn-416-1
http://www.vupen.com/english/advisories/2006/5037 Vendor Advisory
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=218602
https://exchange.xforce.ibmcloud.com/vulnerabilities/30912
https://issues.rpath.com/browse/RPL-848
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10891