CVE-2010-1437
CVE-2010-1437
Race condition in the find_keyring_by_name function in security/keys/keyring.c in the Linux kernel 2.6.34-rc5 and earlier allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact via keyctl session commands that trigger access to a dead keyring that is undergoing deletion by the key_cleanup function.
Productos afectados
n/a · n/a¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →Referencias
http://lists.opensuse.org/opensuse-security-announce/2010-07/msg00006.htmlhttp://marc.info/?l=linux-kernel&m=127192182917857&w=2http://marc.info/?l=linux-kernel&m=127274294622730&w=2http://marc.info/?l=linux-kernel&m=127292492727029&w=2https://bugzilla.redhat.com/show_bug.cgi?id=585094http://secunia.com/advisories/39830http://secunia.com/advisories/40218http://secunia.com/advisories/40645http://secunia.com/advisories/43315https://exchange.xforce.ibmcloud.com/vulnerabilities/58254https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9715https://patchwork.kernel.org/patch/94038/