Lucene search

K

CanonicalCVELIST:CVE-2010-2960

HistorySep 08, 2010 - 7:00 p.m.

CVE-2010-2960

2010-09-0819:00:00

canonical

www.cve.org

6

AI Score

7.7

Confidence

High

EPSS

0

Percentile

5.1%

The keyctl_session_to_parent function in security/keys/keyctl.c in the Linux kernel 2.6.35.4 and earlier expects that a certain parent session keyring exists, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a KEYCTL_SESSION_TO_PARENT argument to the keyctl function.

References

lists.opensuse.org/opensuse-security-announce/2010-10/msg00003.html

lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html

secunia.com/advisories/41263

securitytracker.com/id?1024384

twitter.com/taviso/statuses/22777866582

www.openwall.com/lists/oss-security/2010/09/02/1

www.securityfocus.com/bid/42932

www.ubuntu.com/usn/USN-1000-1

www.vupen.com/english/advisories/2011/0298

bugzilla.redhat.com/show_bug.cgi?id=627440

exchange.xforce.ibmcloud.com/vulnerabilities/61557

AI Score

7.7

Confidence

High

EPSS

0

Percentile

5.1%

Related for CVELIST:CVE-2010-2960

prion2 seebug1 ubuntucve2 nvd2 cve2 redhatcve1 cvelist1 nessus11 openvas29 fedora9 suse4 ubuntu4