The get_instantiation_keyring function in security/keys/keyctl.c in the KEYS subsystem in the Linux kernel before 2.6.32-rc5 does not properly maintain the reference count of a keyring, which allows local users to gain privileges or cause a denial of service (OOPS) via vectors involving calls to this function without specifying a keyring by ID, as demonstrated by a series of keyctl request2 and keyctl list commands.
No CVSS v3.1
No CVSS v3.0
Access Vector: Local
Access Complexity: Low
Authentication: None
Confidentiality Impact: Partial
Integrity Impact: Partial
Availability Impact: Partial
CVSS v2 vector: AV:L/AC:L/Au:N/C:P/I:P/A:P
Vendors | Products
---|---
Linux |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: redhat
Published: 2009-11-02T15:00:00
Updated: 2010-01-14T10:00:00
Reserved: 2009-10-09T00:00:00
Link: CVE-2009-3624
NVD Information
Status: Modified
Published: 2009-11-02T15:30:00.563
Modified: 2023-02-13T01:17:47.937
Link: CVE-2009-3624
Redhat Information
No data.