88 matches found
CVE-2015-8539
The KEYS subsystem in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service BUG via crafted keyctl commands that negatively instantiate a key, related to security/keys/encrypted-keys/encrypted.c, security/keys/trusted.c, and security/keys/userdefined.c...
CVE-2015-8539
CVE-2015-8539 is referenced in MiracleLinux AXSA-2018-2578 as a Linux kernel KEYS subsystem flaw fixed by updating the kernel to a version with mitigations. The vulnerability arises in the KEYS subsystem of the Linux kernel prior to 4.4, where crafted keyctl commands can negatively instantiate a ...
UBUNTU-CVE-2015-8539
The KEYS subsystem in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service BUG via crafted keyctl commands that negatively instantiate a key, related to security/keys/encrypted-keys/encrypted.c, security/keys/trusted.c, and security/keys/userdefined.c...
Scientific Linux Security Update : kernel on SL6.x i386/x86_64 (20151215)
A flaw was found in the way the Linux kernel's file system implementation handled rename operations in which the source was inside and the destination was outside of a bind mount. A privileged user inside a container could use this flaw to escape the bind mount and, potentially, escalate their...
CentOS 6 : kernel (CESA-2015:2636)
Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...
kernel: keys: incorrect termination condition in assoc array garbage collection
A flaw was found in the way the Linux kernel's keys subsystem handled the termination condition in the associative array garbage collection functionality. A local, unprivileged user could use this flaw to crash the system...
PT-2014-1967 · Linux +5 · Linux Kernel +5
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.18 Description: The issue is related to the KEYS subsystem in the Linux kernel, which allows local users to gain privileges or cause a denial of service. This can happen through vectors involving a NULL value...
CVE-2009-3624
The getinstantiationkeyring function in security/keys/keyctl.c in the KEYS subsystem in the Linux kernel before 2.6.32-rc5 does not properly maintain the reference count of a keyring, which allows local users to gain privileges or cause a denial of service OOPS via vectors involving calls to this...