Vigil@nce: Linux kernel, denial of service via
July 2012 by Vigil@nce
KEYCTL_SESSION_TO_PARENT
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
A local attacker can copy his cryptographic keys with
KEYCTL_SESSION_TO_PARENT, in order to stop the kernel.
– Severity: 1/4
– Creation date: 10/07/2012
IMPACTED PRODUCTS
– Linux kernel
– Red Hat Enterprise Linux
DESCRIPTION OF THE VULNERABILITY
The keyctl KEYCTL_SESSION_TO_PARENT is used by a process to copy
its cryptographic keys to his parent process.
However, if a new process is created during this copy, this
process obtains invalid keys. The kernel then uses an invalid
memory area and stops.
A local attacker can therefore copy his cryptographic keys with
KEYCTL_SESSION_TO_PARENT, in order to stop the kernel.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Linux-kernel-denial-of-service-via-KEYCTL-SESSION-TO-PARENT-11752