The KEYCTL_JOIN_SESSION_KEYRING operation in the Linux kernel prior to 2.6.12.5 contains an error path that does not properly release the session management semaphore, which allows local users or remote malicious users to cause a denial of service (semaphore hang) via a new session keyring (1) with an empty name string, (2) with a long name string, (3) with the key quota reached, or (4) ENOMEM.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
linux linux kernel 2.6.0 |
||
linux linux kernel 2.6.1 |
||
linux linux kernel 2.6.11.2 |
||
linux linux kernel 2.6.11.3 |
||
linux linux kernel 2.6.11 |
||
linux linux kernel 2.6.11_rc1_bk6 |
||
linux linux kernel 2.6.6 |
||
linux linux kernel 2.6.8.1.5 |
||
linux linux kernel 2.6.10 |
||
linux linux kernel 2.6.11.6 |
||
linux linux kernel 2.6.11.7 |
||
linux linux kernel 2.6.2 |
||
linux linux kernel 2.6.3 |
||
linux linux kernel 2.6.8 |
||
linux linux kernel 2.6.8.1 |
||
linux linux kernel 2.6.11.4 |
||
linux linux kernel 2.6.11.5 |
||
linux linux kernel 2.6.12 |
||
linux linux kernel 2.6.7 |
||
linux linux kernel 2.6.11.1 |
||
linux linux kernel 2.6.11.8 |
||
linux linux kernel 2.6.4 |
||
linux linux kernel 2.6.5 |
||
linux linux kernel 2.6.9 |
||
linux linux kernel 2.6_test9_cvs |