kernel: Missing permissions check for request_key() destination allows local attackers to add keys to keyring without Write permission
The KEYS subsystem in the Linux kernel omitted an access-control check when writing a key to the current task's default keyring, allowing a local user to bypass security checks to the keyring. This compromises the validity of the keyring for those who rely on it...