Описание
The key_replace_session_keyring function in security/keys/process_keys.c in the Linux kernel before 2.6.39.1 does not initialize a certain structure member, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact via a KEYCTL_SESSION_TO_PARENT argument to the keyctl function, a different vulnerability than CVE-2010-2960.
Ссылки
- Broken Link
- PatchThird Party Advisory
- Broken Link
- Mailing ListPatchThird Party Advisory
- Mailing ListPatchThird Party Advisory
- Third Party Advisory
- Third Party Advisory
- PatchThird Party Advisory
- Broken Link
- PatchThird Party Advisory
- Broken Link
- Mailing ListPatchThird Party Advisory
- Mailing ListPatchThird Party Advisory
- Third Party Advisory
- Third Party Advisory
- PatchThird Party Advisory
Уязвимые конфигурации
EPSS
7.2 High
CVSS2
Дефекты
Связанные уязвимости
The key_replace_session_keyring function in security/keys/process_keys.c in the Linux kernel before 2.6.39.1 does not initialize a certain structure member, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact via a KEYCTL_SESSION_TO_PARENT argument to the keyctl function, a different vulnerability than CVE-2010-2960.
The key_replace_session_keyring function in security/keys/process_keys ...
The key_replace_session_keyring function in security/keys/process_keys.c in the Linux kernel before 2.6.39.1 does not initialize a certain structure member, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact via a KEYCTL_SESSION_TO_PARENT argument to the keyctl function, a different vulnerability than CVE-2010-2960.
EPSS
7.2 High
CVSS2