3 matches found
CVE-2025-21893 keys: Fix UAF in key_put()
In the Linux kernel, the following vulnerability has been resolved: keys: Fix UAF in keyput Once a key's reference count has been reduced to 0, the garbage collector thread may destroy it at any time and so keyput is not allowed to touch the key after that point. The most keyput is normally allow...
kernel: local privesc in key management
A flaw was found in the Linux kernel's key management system where it was possible for an attacker to escalate privileges or crash the machine. If a user key gets negatively instantiated, an error code is cached in the payload area. A negatively instantiated key may be then be positively...
USN-3485-3 linux-aws vulnerabilities
It was discovered that a race condition existed in the ALSA subsystem of the Linux kernel when creating and deleting a port via ioctl. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2017-15265 Eric Biggers discovered that the key...