2015-01-09 22:59:00 2020-05-21 19:41:00

Race condition in the key_gc_unused_keys function in security/keys/gc.c in the Linux kernel through 3.18.2 allows local users to cause a denial of service (memory corruption or panic) or possibly have unspecified other impact via keyctl commands that trigger access to a key structure member during garbage collection of a key.

Vector

LOCAL

Complexity

MEDIUM

Authentication

NONE

Confidentiality

COMPLETE

Integrity

COMPLETE

Availability

COMPLETE
Canonical Ubuntu linux 14.10 * * * (not an official CPE) Canonical Ubuntu linux 14.04 * * * (not an official CPE) Canonical Ubuntu linux 12.04 * * * (not an official CPE) Canonical Ubuntu linux 10.04 * * * (not an official CPE) Debian Debian linux 8.0 * * * (not an official CPE) Debian Debian linux 7.0 * * * (not an official CPE) Fedoraproject Fedora 21 * * * (not an official CPE) Fedoraproject Fedora 20 * * * (not an official CPE) Opensuse Opensuse 13.1 * * * (not an official CPE) Redhat Enterprise linux workstation 7.0 * * * (not an official CPE) Redhat Enterprise linux workstation 6.0 * * * (not an official CPE) Redhat Enterprise linux server tus 7.7 * * * (not an official CPE) Redhat Enterprise linux server tus 7.6 * * * (not an official CPE) Redhat Enterprise linux server tus 7.3 * * * (not an official CPE) Redhat Enterprise linux server tus 6.6 * * * (not an official CPE) Redhat Enterprise linux server eus 7.7 * * * (not an official CPE) Redhat Enterprise linux server eus 7.6 * * * (not an official CPE) Redhat Enterprise linux server eus 7.5 * * * (not an official CPE) Redhat Enterprise linux server eus 7.4 * * * (not an official CPE) Redhat Enterprise linux server eus 7.3 * * * (not an official CPE) Redhat Enterprise linux server eus 7.2 * * * (not an official CPE) Redhat Enterprise linux server eus 7.1 * * * (not an official CPE) Redhat Enterprise linux server eus 6.6 * * * (not an official CPE) Redhat Enterprise linux server aus 7.7 * * * (not an official CPE) Redhat Enterprise linux server aus 7.6 * * * (not an official CPE) Redhat Enterprise linux server aus 7.4 * * * (not an official CPE) Redhat Enterprise linux server aus 7.3 * * * (not an official CPE) Redhat Enterprise linux server aus 6.6 * * * (not an official CPE) Redhat Enterprise linux server 7.0 * * * (not an official CPE) Redhat Enterprise linux server 6.0 * * * (not an official CPE) Redhat Enterprise linux desktop 7.0 * * * (not an official CPE) Redhat Enterprise linux desktop 6.0 * * * (not an official CPE) Linux Linux kernel * * * * (not an official CPE)