Published: 07/05/2010 Updated: 02/02/2024

CVSS v2 Base Score: 4.4 | Impact Score: 6.4 | Exploitability Score: 3.4

CVSS v3 Base Score: 7 | Impact Score: 5.9 | Exploitability Score: 1

VMScore: 445

Vector: AV:L/AC:M/Au:N/C:P/I:P/A:P

Race condition in the find_keyring_by_name function in security/keys/keyring.c in the Linux kernel 2.6.34-rc5 and previous versions allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact via keyctl session commands that trigger access to a dead keyring that is undergoing deletion by the key_cleanup function.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel 2.6.34
linux linux kernel
opensuse opensuse 11.1
suse linux enterprise server 11
suse linux enterprise desktop 11
suse linux enterprise high availability extension 11
debian debian linux 5.0

Synopsis Important: kernel-rt security and bug fix update Type/Severity Security Advisory: Important Topic Updated kernel-rt packages that fix multiple security issues and severalbugs are now available for Red Hat Enterprise MRG 12The Red Hat Security Response Team has rated this update as havingimportant ...

Multiple security flaws ...

Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-4537 Fabian Yamaguchi reported a missing check for Ethernet frames larger than the MTU in the r8169 driver This may allo ...

source: wwwsecurityfocuscom/bid/39719/info The Linux kernel is prone to a local memory-corruption vulnerability Attackers can exploit this issue to crash the affected computer, denying service to legitimate users Given the nature of this issue, attackers may also be able to run arbitrary code, but this has not been confirmed kernel 2 ...

CWE-362 CWE-416 http://www.openwall.com/lists/oss-security/2010/04/28/2 https://patchwork.kernel.org/patch/94038/http://www.openwall.com/lists/oss-security/2010/04/27/2 http://marc.info/?l=linux-kernel&m=127274294622730&w=2 http://marc.info/?l=linux-kernel&m=127292492727029&w=2 http://www.securityfocus.com/bid/39719 https://patchwork.kernel.org/patch/94664/http://marc.info/?l=linux-kernel&m=127192182917857&w=2 https://bugzilla.redhat.com/show_bug.cgi?id=585094 http://www.debian.org/security/2010/dsa-2053 http://secunia.com/advisories/39830 http://www.redhat.com/support/errata/RHSA-2010-0474.html http://secunia.com/advisories/40218 http://lists.opensuse.org/opensuse-security-announce/2010-07/msg00006.html http://www.vupen.com/english/advisories/2010/1857 http://secunia.com/advisories/40645 http://www.vmware.com/security/advisories/VMSA-2011-0003.html http://secunia.com/advisories/43315 https://exchange.xforce.ibmcloud.com/vulnerabilities/58254 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9715 http://www.securityfocus.com/archive/1/516397/100/0/threaded https://access.redhat.com/errata/RHSA-2010:0631 https://usn.ubuntu.com/966-1/https://nvd.nist.gov https://www.exploit-db.com/exploits/33886/

CVE-2010-1437

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Exploits

References

Vulmon Search

About

Products

Connect