kernel: keyctl_set_reqkey_keyring() leaks thread keyrings

A vulnerability was found in the Linux kernel where the keyctlsetreqkeykeyring function leaks the thread keyring. This allows an unprivileged local user to exhaust kernel memory and thus cause a DoS...

SUSE-SU-2016:0751-1 Security update for kernel live patch 0

This kernel live patch for Linux Kernel 3.12.49-11.1 fixes three security issues: Fixes: - CVE-2016-0728: A reference leak in keyring handling with joinsessionkeyring could lead to local attackers gain root privileges. bsc962078. - CVE-2015-8660: The ovlsetattr function in fs/overlayfs/inode.c in...

Oracle Linux 7 : kernel (ELSA-2016-0064)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2016-0064 advisory. 3.10.0-327.4.5.OL7 - Oracle Linux certificates Alexey Petrenko 3.10.0-327.4.5 - security keys: Fix keyring ref leak in joinsessionkeyring David Howells 1298931...

MGASA-2016-0033 Updated kernel packages fix security vulnerability

Perception Point Research Team found a reference leak in keyring in joinsessionkeyring that can be exploited to successfully escalate privileges from a local user to root CVE-2016-0728. Other fixes in this kernel update: - netfilter: nfnatredirect: add missing NULL pointer check...

Important: Red Hat Security Advisory: kernel-rt security, bug fix, and enhancement update

Updated kernel-rt packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, whic...