Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.9
CVSSv2

CVE-2015-1333

Published: 31/08/2015 Updated: 08/04/2019
CVSS v2 Base Score: 4.9 | Impact Score: 6.9 | Exploitability Score: 3.9
VMScore: 437
Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C
Subscribe to Linux

Vulnerability Summary

Memory leak in the __key_link_end function in security/keys/keyring.c in the Linux kernel prior to 4.1.4 allows local users to cause a denial of service (memory consumption) via many add_key system calls that refer to existing keys.

Vulnerable Product Search on Vulmon Subscribe to Product

linux linux kernel

Vendor Advisories

Debian Security Advisories: DSA-3329-1 linux -- security update
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leak CVE-2015-1333 Colin Ian King discovered a flaw in the add_key function of the Linux kernel's keyring subsystem A local user can exploit this flaw to cause a denial of service due to memory ex ...
Ubuntu Security Notice: linux-lts-vivid vulnerabilities
Several security issues were fixed in the kernel ...
Ubuntu Security Notice: linux-lts-trusty vulnerabilities
Several security issues were fixed in the kernel ...
Ubuntu Security Notice: linux vulnerabilities
Several security issues were fixed in the kernel ...
Ubuntu Security Notice: linux-lts-utopic vulnerabilities
Several security issues were fixed in the kernel ...
Ubuntu Security Notice: linux vulnerabilities
Several security issues were fixed in the kernel ...
Red Hat: CVE-2015-1333
It was found that the Linux kernel's keyring implementation would leak memory when adding a key to a keyring via the add_key() function A local attacker could use this flaw to exhaust all available memory on the system ...

References

CWE-119https://bugzilla.redhat.com/show_bug.cgi?id=1245658http://www.openwall.com/lists/oss-security/2015/07/27/7http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.1.4http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ca4da5dd1f99fe9c59f1709fb43e818b18ad20e0https://github.com/torvalds/linux/commit/ca4da5dd1f99fe9c59f1709fb43e818b18ad20e0http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.htmlhttp://www.securityfocus.com/bid/76050http://www.debian.org/security/2015/dsa-3329http://rhn.redhat.com/errata/RHSA-2015-1787.htmlhttp://rhn.redhat.com/errata/RHSA-2015-1778.htmlhttp://www.ubuntu.com/usn/USN-2691-1http://www.ubuntu.com/usn/USN-2690-1http://www.ubuntu.com/usn/USN-2689-1http://www.ubuntu.com/usn/USN-2688-1http://www.ubuntu.com/usn/USN-2687-1https://support.f5.com/csp/article/K05211147https://nvd.nist.govhttps://www.debian.org/security/./dsa-3329https://usn.ubuntu.com/2690-1/https://access.redhat.com/security/cve/cve-2015-1333
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671unauthorizedCVE-2024-4776CVE-2024-3407CVE-2024-26026CVE-2024-32888wirelessCVE-2024-4656template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook