181 matches found
SUSE CVE-2017-15274
security/keys/keyctl.c in the Linux kernel before 4.11.5 does not consider the case of a NULL payload in conjunction with a nonzero length value, which allows local users to cause a denial of service NULL pointer dereference and OOPS via a crafted addkey or keyctl system call, a different...
SUSE CVE-2017-18270
In the Linux kernel before 4.13.5, a local user could create keyrings for other users via keyctl commands, setting unwanted defaults or causing a denial of service...
kernel: watch queue race condition can lead to privilege escalation
A race condition was found in the Linux kernel's watch queue due to a missing lock in the piperesizering. The race condition occurs when a thread uses ioctlIOCWATCHQUEUESETSIZE to resize the pipe buffer and free the old pipe buffer, while another thread uses keyctl to trigger a notification in th...
kernel: watch queue race condition can lead to privilege escalation
A race condition was found in the Linux kernel's watch queue due to a missing lock in the piperesizering. The race condition occurs when a thread uses ioctlIOCWATCHQUEUESETSIZE to resize the pipe buffer and free the old pipe buffer, while another thread uses keyctl to trigger a notification in th...
CVE-2022-2959
A race condition was found in the Linux kernel's watch queue due to a missing lock in the piperesizering. The race condition occurs when a thread uses ioctlIOCWATCHQUEUESETSIZE to resize the pipe buffer and free the old pipe buffer, while another thread uses keyctl to trigger a notification in th...
kernel: NULL pointer dereference due to KEYCTL_READ on negative key
A vulnerability was found in the Key Management sub component of the Linux kernel, where when trying to issue a KEYTCLREAD on a negative key would lead to a NULL pointer dereference. A local attacker could use this flaw to crash the kernel...
Denial Of Service (DoS)
kernel is vulnerable to denial of service. A NULL pointer dereference flaw was found in the way the Linux kernel's key management facility handled user-defined key types. A local, unprivileged user could use the keyctl utility to cause a denial of service...
Denial Of Service (DoS)
kernel is vulnerable to denial of service DoS. The vulnerability exists if a memory leak in keyctl handling. A local user could use this flaw to deplete kernel memory, eventually leading to a denial of service...
kernel: dereferencing NULL payload with nonzero length
A flaw was found in the implementation of associative arrays where the addkey systemcall and KEYCTLUPDATE operations allowed for a NULL payload with a nonzero length. When accessing the payload within this length parameters value, an unprivileged user could trivially cause a NULL pointer...
Denial Of Service (DoS)
Linux kernel is vulnerable to denial of service attacks. A local, authenticated attacker could exploit the flawed Keyring Handler component and create keyrings for other users via keyctl commands...
Denial Of Service (DoS)
kernel-rt is vulnerable to denial of service DoS attacks. The vulnerability exists as the KEYS subsystem in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service BUG via crafted keyctl commands that negatively instantiate a key, related to...
Security Bulletin: Vulnerabilities in the Linux Kernel affect PowerKVM
Summary PowerKVM is affected by vulnerabilities in the Linux Kernel. IBM has now addressed these vulnerabilities. Vulnerability Details CVEID: CVE-2018-1066 DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by a NULL pointer dereference in the...
Linux kernel denial of service vulnerability (CNVD-2018-09997)
Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A security vulnerability exists in Linux kernel versions prior to 4.13.5. A local attacker can exploit this vulnerability with the help of the keyctl command to create...
DEBIAN-CVE-2017-18270
In the Linux kernel before 4.13.5, a local user could create keyrings for other users via keyctl commands, setting unwanted defaults or causing a denial of service...
CVE-2017-18270
In the Linux kernel before 4.13.5, a local user could create keyrings for other users via keyctl commands, setting unwanted defaults or causing a denial of service...
UBUNTU-CVE-2017-18270
In the Linux kernel before 4.13.5, a local user could create keyrings for other users via keyctl commands, setting unwanted defaults or causing a denial of service...
kernel: improper keyrings creation
A flaw was found in the Linux kernel in the way a local user could create keyrings for other users via keyctl commands. This may allow an attacker to set unwanted defaults, a denial of service, or possibly leak keyring information between users...
kernel: dereferencing NULL payload with nonzero length
A flaw was found in the implementation of associative arrays where the addkey systemcall and KEYCTLUPDATE operations allowed for a NULL payload with a nonzero length. When accessing the payload within this length parameters value, an unprivileged user could trivially cause a NULL pointer...
kernel: improper keyrings creation
A flaw was found in the Linux kernel in the way a local user could create keyrings for other users via keyctl commands. This may allow an attacker to set unwanted defaults, a denial of service, or possibly leak keyring information between users...
CVE-2017-15274
security/keys/keyctl.c in the Linux kernel before 4.11.5 does not consider the case of a NULL payload in conjunction with a nonzero length value, which allows local users to cause a denial of service NULL pointer dereference and OOPS via a crafted addkey or keyctl system call, a different...