Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5.5
CVSSv3

CVE-2015-7550

Published: 08/02/2016 Updated: 04/11/2017
CVSS v2 Base Score: 4.9 | Impact Score: 6.9 | Exploitability Score: 3.9
CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8
VMScore: 437
Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C
Subscribe to Linux

Vulnerability Summary

The keyctl_read_key function in security/keys/keyctl.c in the Linux kernel prior to 4.3.4 does not properly use a semaphore, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted application that leverages a race condition between keyctl_revoke and keyctl_read calls.

Vulnerable Product Search on Vulmon Subscribe to Product

linux linux kernel

Vendor Advisories

Debian CVElist Bug Report Logs: Regression in short UDP reads caused by "net: Fix skb csum races when peeking"
Debian Bug report logs - #808293 Regression in short UDP reads caused by "net: Fix skb csum races when peeking" Package: src:linux; Maintainer for src:linux is Debian Kernel Team <debian-kernel@listsdebianorg>; Affects: freeradius Reported by: Francesco Politi <fpoliti@micsoit> Date: Fri, 18 Dec 2015 12:09:01 UTC ...
Ubuntu Security Notice: linux-lts-vivid regression
USN-2910-1 introduced a regression in the Ubuntu 1504 Linux kernel backported to Ubuntu 1404 LTS ...
Ubuntu Security Notice: linux-lts-utopic vulnerabilities
Several security issues were fixed in the kernel ...
Ubuntu Security Notice: linux vulnerability
The system could be made to crash under certain conditions ...
Ubuntu Security Notice: linux-lts-trusty vulnerabilities
Several security issues were fixed in the kernel ...
Ubuntu Security Notice: linux-lts-vivid vulnerabilities
Several security issues were fixed in the kernel ...
Ubuntu Security Notice: linux vulnerabilities
Several security issues were fixed in the kernel ...
Ubuntu Security Notice: linux-ti-omap4 vulnerability
The system could be made to crash under certain conditions ...
Ubuntu Security Notice: linux vulnerabilities
Several security issues were fixed in the kernel ...
Ubuntu Security Notice: linux-lts-wily vulnerabilities
Several security issues were fixed in the kernel ...
Ubuntu Security Notice: linux-raspi2 vulnerabilities
Several security issues were fixed in the kernel ...

References

CWE-362NVD-CWE-Otherhttp://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.3.4https://github.com/torvalds/linux/commit/b4a1b4f5047e4f54e194681125c74c0aa64d637dhttps://security-tracker.debian.org/tracker/CVE-2015-7550https://bugzilla.redhat.com/show_bug.cgi?id=1291197http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b4a1b4f5047e4f54e194681125c74c0aa64d637dhttp://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.htmlhttp://www.securityfocus.com/bid/79903http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.htmlhttp://www.ubuntu.com/usn/USN-2911-1http://www.ubuntu.com/usn/USN-2890-1http://www.ubuntu.com/usn/USN-2890-3http://www.ubuntu.com/usn/USN-2890-2http://www.ubuntu.com/usn/USN-2888-1http://www.ubuntu.com/usn/USN-2911-2http://www.debian.org/security/2016/dsa-3434https://nvd.nist.govhttps://bugs.debian.org/cgi-bin/bugreport.cgi?bug=808293https://usn.ubuntu.com/2910-2/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
man-in-the-middleCVE-2024-34558CVE-2024-32674CVE-2024-34351XPath injectionCVE-2023-45866CVE-2024-25528CVE-2024-25517path traversal
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook