Lucene search
K

6 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 4:36 a.m.1 views

SUSE CVE-2017-17807

The KEYS subsystem in the Linux kernel before 4.14.6 omitted an access-control check when adding a key to the current task's "default request-key keyring" via the requestkey system call, allowing a local user to use a sequence of crafted system calls to add keys to a keyring with only Search...

5.1CVSS7.8AI score0.0042EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2020/03/31 9:3 p.m.5 views

kernel: Missing permissions check for request_key() destination allows local attackers to add keys to keyring without Write permission

The KEYS subsystem in the Linux kernel omitted an access-control check when writing a key to the current task's default keyring, allowing a local user to bypass security checks to the keyring. This compromises the validity of the keyring for those who rely on it...

3.3CVSS7.2AI score0.0042EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/03/31 8:33 p.m.5 views

kernel: Missing permissions check for request_key() destination allows local attackers to add keys to keyring without Write permission

The KEYS subsystem in the Linux kernel omitted an access-control check when writing a key to the current task's default keyring, allowing a local user to bypass security checks to the keyring. This compromises the validity of the keyring for those who rely on it...

3.3CVSS7.2AI score0.0042EPSS
Exploits0References4
Debian
Debian
added 2018/01/07 10:38 p.m.72 views

[SECURITY] [DLA 1232-1] linux security update

Package : linux Version : 3.2.96-3 CVE ID : CVE-2017-5754 CVE-2017-17558 CVE-2017-17741 CVE-2017-17805 CVE-2017-17806 CVE-2017-17807 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2017-5754...

7.8CVSS7.1AI score0.84172EPSS
Exploits3
ATTACKERKB
ATTACKERKB
added 2017/12/20 11:29 p.m.2 views

CVE-2017-17807

The KEYS subsystem in the Linux kernel before 4.14.6 omitted an access-control check when adding a key to the current task's "default request-key keyring" via the requestkey system call, allowing a local user to use a sequence of crafted system calls to add keys to a keyring with only Search...

3.3CVSS6.3AI score0.0042EPSS
Exploits0References25
OSV
OSV
added 2017/12/20 11:29 p.m.0 views

DEBIAN-CVE-2017-17807

The KEYS subsystem in the Linux kernel before 4.14.6 omitted an access-control check when adding a key to the current task's "default request-key keyring" via the requestkey system call, allowing a local user to use a sequence of crafted system calls to add keys to a keyring with only Search...

3.3CVSS7.6AI score0.0042EPSS
Exploits0References1
Rows per page
Query Builder