14 matches found
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000794)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000794 advisory. The copycreds function in kernel/cred.c in the Linux kernel before 3.3.2 provides an invalid replacement session keyring to a child process, which allows local users...
[SECURITY] Fedora 40 Update: keyring-ima-signer-0.1.0-17.fc40
The IMA Integrity Measurement Architecture is a key component of the Linux integrity subsystem designed to ensure integrity, authenticity, and confidentiality of systems including hardware root of trusts TPM. This tool allows signing of files in userspace, inclusding options of including the...
[SECURITY] Fedora 41 Update: keyring-ima-signer-0.1.0-17.fc41
The IMA Integrity Measurement Architecture is a key component of the Linux integrity subsystem designed to ensure integrity, authenticity, and confidentiality of systems including hardware root of trusts TPM. This tool allows signing of files in userspace, inclusding options of including the...
kernel: keys: Fix linking a duplicate key to a keyring's assoc_array
A race condition was found in the Linux kernel's keyring subsystem. When concurrent DNS queries resolve the same hostname, a duplicate index key can be created in the keyring's assocarray. The assocarray implementation has a BUGON check that detects this invalid state, causing a kernel crash. Thi...
[SECURITY] Fedora 39 Update: keyring-ima-signer-0.1.0-11.fc39
The IMA Integrity Measurement Architecture is a key component of the Linux integrity subsystem designed to ensure integrity, authenticity, and confidentiality of systems including hardware root of trusts TPM. This tool allows signing of files in userspace, inclusding options of including the...
[SECURITY] Fedora 37 Update: keyring-ima-signer-0.1.0-9.fc37
The IMA Integrity Measurement Architecture is a key component of the Linux integrity subsystem designed to ensure integrity, authenticity, and confidentiality of systems including hardware root of trusts TPM. This tool allows signing of files in userspace, inclusding options of including the...
[SECURITY] Fedora 38 Update: keyring-ima-signer-0.1.0-9.fc38
The IMA Integrity Measurement Architecture is a key component of the Linux integrity subsystem designed to ensure integrity, authenticity, and confidentiality of systems including hardware root of trusts TPM. This tool allows signing of files in userspace, inclusding options of including the...
kernel: Missing permissions check for request_key() destination allows local attackers to add keys to keyring without Write permission
The KEYS subsystem in the Linux kernel omitted an access-control check when writing a key to the current task's default keyring, allowing a local user to bypass security checks to the keyring. This compromises the validity of the keyring for those who rely on it...
USN-3053-1 linux-lts-vivid vulnerabilities
A missing permission check when settings ACLs was discovered in nfsd. A local user could exploit this flaw to gain access to any file by setting an ACL. CVE-2016-1237 It was discovered that the keyring implementation in the Linux kernel did not ensure a data structure was initialized before...
USN-2911-1: Linux kernel vulnerability
It was discovered that the Linux kernel keyring subsystem contained a race between read and revoke operations. A local attacker could use this to cause a denial of service system crash...
kernel: denial of service due to memory leak in add_key()
It was found that the Linux kernel's keyring implementation would leak memory when adding a key to a keyring via the addkey function. A local attacker could use this flaw to exhaust all available memory on the system...
CVE-2015-1333
Memory leak in the keylinkend function in security/keys/keyring.c in the Linux kernel before 4.1.4 allows local users to cause a denial of service memory consumption via many addkey system calls that refer to existing keys...
Ubuntu Update for Linux kernel vulnerabilities USN-966-1
Ubuntu Update for Linux kernel vulnerabilities USN-966-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN9661.nasl 7965 2017-12-01 07:38:25Z santu $ Ubuntu Update for Linux kernel vulnerabilities USN-966-1 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH,...
USN-751-1: Linux kernel vulnerabilities
NFS did not correctly handle races between fcntl and interrupts. A local attacker on an NFS mount could consume unlimited kernel memory, leading to a denial of service. Ubuntu 8.10 was not affected. CVE-2008-4307 Sparc syscalls did not correctly check mmap regions. A local attacker could cause a...