Lucene search

K
ubuntucveUbuntu.comUB:CVE-2014-9529
HistoryJan 09, 2015 - 12:00 a.m.

CVE-2014-9529

2015-01-0900:00:00
ubuntu.com
ubuntu.com
26

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

8.7%

Race condition in the key_gc_unused_keys function in security/keys/gc.c in
the Linux kernel through 3.18.2 allows local users to cause a denial of
service (memory corruption or panic) or possibly have unspecified other
impact via keyctl commands that trigger access to a key structure member
during garbage collection of a key.

Bugs

Notes

Author Note
jdstrand android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.04 preview kernels linux-lts-saucy no longer receives official support linux-lts-quantal no longer receives official support
OSVersionArchitecturePackageVersionFilename
ubuntu10.04noarchlinux<Β 2.6.32-73.140UNKNOWN
ubuntu12.04noarchlinux<Β 3.2.0-77.112UNKNOWN
ubuntu14.04noarchlinux<Β 3.13.0-46.75UNKNOWN
ubuntu14.10noarchlinux<Β 3.16.0-31.41UNKNOWN
ubuntu12.04noarchlinux-armadaxp<Β 3.2.0-1645.64UNKNOWN
ubuntu10.04noarchlinux-ec2<Β 2.6.32-376.93UNKNOWN
ubuntu12.04noarchlinux-lts-trusty<Β 3.13.0-46.75~precise1UNKNOWN
ubuntu14.04noarchlinux-lts-utopic<Β 3.16.0-31.41~14.04.1UNKNOWN
ubuntu12.04noarchlinux-ti-omap4<Β 3.2.0-1460.80UNKNOWN

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

8.7%