The KEYS subsystem in the Linux kernel before 3.18 allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via vectors involving a NULL value for a certain match field, related to the keyring_search_iterator function in keyring.c.
References
Link | Resource |
---|---|
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c06cfb08b88dfbe13be44a69ae2fdc3a7c902d81 | Issue Tracking Patch Third Party Advisory |
http://www.securityfocus.com/bid/97258 | Third Party Advisory VDB Entry |
https://access.redhat.com/errata/RHSA-2017:1842 | |
https://access.redhat.com/errata/RHSA-2017:2077 | |
https://access.redhat.com/errata/RHSA-2017:2437 | |
https://access.redhat.com/errata/RHSA-2017:2444 | |
https://bugzilla.redhat.com/show_bug.cgi?id=1428353 | Issue Tracking Patch |
https://github.com/torvalds/linux/commit/c06cfb08b88dfbe13be44a69ae2fdc3a7c902d81 | Issue Tracking Patch Third Party Advisory |
https://usn.ubuntu.com/3849-1/ | |
https://usn.ubuntu.com/3849-2/ |
Configurations
History
No history.
Information
Published : 2017-03-31 04:59
Updated : 2024-02-28 15:44
NVD link : CVE-2017-2647
Mitre link : CVE-2017-2647
CVE.ORG link : CVE-2017-2647
JSON object : View
Products Affected
linux
- linux_kernel
CWE
CWE-476
NULL Pointer Dereference