Zurück zur CVE-Übersicht
CVE-2014-0102
MEDIUM(5.2)AV:A/AC:M/Au:S/C:N/I:N/A:C
Risk Signal Score13/100 — NIEDRIG
- CVSS 5.2 — Mittel
EPSS-Score
0%
Exploit-Wahrscheinlichkeit (30 Tage)
CVSS Score
5.2
Technische Schwere
Beschreibung
The keyring_detect_cycle_iterator function in security/keys/keyring.c in the Linux kernel through 3.13.6 does not properly determine whether keyrings are identical, which allows local users to cause a denial of service (OOPS) via crafted keyctl commands.
Referenzen
- http://lkml.org/lkml/2014/2/27/507
- http://www.kernelhub.org/?msg=425013&p=2
- http://www.openwall.com/lists/oss-security/2014/03/04/21
- https://bugzilla.redhat.com/show_bug.cgi?id=1072419
- http://lkml.org/lkml/2014/2/27/507
- http://www.kernelhub.org/?msg=425013&p=2
- http://www.openwall.com/lists/oss-security/2014/03/04/21
- https://bugzilla.redhat.com/show_bug.cgi?id=1072419