Описание
The proc_keys_show function in security/keys/proc.c in the Linux kernel through 4.8.2, when the GNU Compiler Collection (gcc) stack protector is enabled, uses an incorrect buffer size for certain timeout data, which allows local users to cause a denial of service (stack memory corruption and panic) by reading the /proc/keys file.
Ссылки
- Mailing List
- Issue TrackingThird Party Advisory
- Mailing List
- Issue TrackingThird Party Advisory
Уязвимые конфигурации
EPSS
6.2 Medium
CVSS3
4.9 Medium
CVSS2
Дефекты
Связанные уязвимости
The proc_keys_show function in security/keys/proc.c in the Linux kernel through 4.8.2, when the GNU Compiler Collection (gcc) stack protector is enabled, uses an incorrect buffer size for certain timeout data, which allows local users to cause a denial of service (stack memory corruption and panic) by reading the /proc/keys file.
The proc_keys_show function in security/keys/proc.c in the Linux kernel through 4.8.2, when the GNU Compiler Collection (gcc) stack protector is enabled, uses an incorrect buffer size for certain timeout data, which allows local users to cause a denial of service (stack memory corruption and panic) by reading the /proc/keys file.
The proc_keys_show function in security/keys/proc.c in the Linux kerne ...
The proc_keys_show function in security/keys/proc.c in the Linux kernel through 4.8.2, when the GNU Compiler Collection (gcc) stack protector is enabled, uses an incorrect buffer size for certain timeout data, which allows local users to cause a denial of service (stack memory corruption and panic) by reading the /proc/keys file.
ELSA-2017-3510: Unbreakable Enterprise kernel security update (IMPORTANT)
EPSS
6.2 Medium
CVSS3
4.9 Medium
CVSS2