Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2017-12192

Опубликовано: 12 окт. 2017
Источник: debian

Описание

The keyctl_read_key function in security/keys/keyctl.c in the Key Management subcomponent in the Linux kernel before 4.13.5 does not properly consider that a key may be possessed but negatively instantiated, which allows local users to cause a denial of service (OOPS and system crash) via a crafted KEYCTL_READ operation.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
linuxfixed4.13.4-2package
linuxfixed4.9.65-1stretchpackage
linuxfixed3.16.51-1jessiepackage
linuxnot-affectedwheezypackage

Примечания

  • Fixed by: https://git.kernel.org/linus/37863c43b2c6464f252862bf2e9768264e961678 (4.14-rc3)

  • Introduced by: https://git.kernel.org/linus/61ea0c0ba904a55f55317d850c1072ff7835ac92 (3.13-rc1)

Связанные уязвимости

ubuntu логотип

CVE-2017-12192

CVSS3: 5.5
ubuntu
больше 7 лет назад

The keyctl_read_key function in security/keys/keyctl.c in the Key Management subcomponent in the Linux kernel before 4.13.5 does not properly consider that a key may be possessed but negatively instantiated, which allows local users to cause a denial of service (OOPS and system crash) via a crafted KEYCTL_READ operation.

redhat логотип

CVE-2017-12192

CVSS3: 5.5
redhat
почти 8 лет назад

The keyctl_read_key function in security/keys/keyctl.c in the Key Management subcomponent in the Linux kernel before 4.13.5 does not properly consider that a key may be possessed but negatively instantiated, which allows local users to cause a denial of service (OOPS and system crash) via a crafted KEYCTL_READ operation.

nvd логотип

CVE-2017-12192

CVSS3: 5.5
nvd
больше 7 лет назад

The keyctl_read_key function in security/keys/keyctl.c in the Key Management subcomponent in the Linux kernel before 4.13.5 does not properly consider that a key may be possessed but negatively instantiated, which allows local users to cause a denial of service (OOPS and system crash) via a crafted KEYCTL_READ operation.

github логотип

GHSA-5f4v-rcv7-7fmj

CVSS3: 5.5
github
около 3 лет назад

The keyctl_read_key function in security/keys/keyctl.c in the Key Management subcomponent in the Linux kernel before 4.13.5 does not properly consider that a key may be possessed but negatively instantiated, which allows local users to cause a denial of service (OOPS and system crash) via a crafted KEYCTL_READ operation.

oracle-oval логотип

ELSA-2020-2430

oracle-oval
около 5 лет назад

ELSA-2020-2430: kernel security and bug fix update (MODERATE)