Race condition

2010-05-0718:30:00

PRIOn knowledge base

www.prio-n.com

7 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

7.6 High

AI Score

Confidence

High

4.4 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

5.4%

JSON

Race condition in the find_keyring_by_name function in security/keys/keyring.c in the Linux kernel 2.6.34-rc5 and earlier allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact via keyctl session commands that trigger access to a dead keyring that is undergoing deletion by the key_cleanup function.

CPENameOperatorVersion
debian_linuxeq5.0
linux_kerneleq2.6.34 rc2
linux_kerneleq2.6.34 rc1
linux_kerneleq2.6.34 rc3
linux_kerneleq2.6.34 rc4
linux_kerneleq2.6.34 rc5
linux_kernellt2.6.34
opensuseeq11.1
linux_enterprise_desktopeq11
linux_enterprise_high_availability_extensioneq11

Name	Operator	Version
debian_linux	eq	5.0
linux_kernel	eq	2.6.34 rc2
linux_kernel	eq	2.6.34 rc1
linux_kernel	eq	2.6.34 rc3
linux_kernel	eq	2.6.34 rc4
linux_kernel	eq	2.6.34 rc5
linux_kernel	lt	2.6.34
opensuse	eq	11.1
linux_enterprise_desktop	eq	11
linux_enterprise_high_availability_extension	eq	11