Rechercher
Contactez-nous Suivez-nous sur Twitter En francais English Language
 

Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN

Vulnérabilités

Unsubscribe

Vigil@nce: Linux kernel, denial of service via key_replace_session_keyring

June 2011 by Vigil@nce

This bulletin was written by Vigil@nce : http://vigilance.fr/

SYNTHESIS OF THE VULNERABILITY

A local attacker can use the keyctl() system call, in order to
create a denial of service.

 Severity: 1/4
 Creation date: 06/06/2011

IMPACTED PRODUCTS

 Linux kernel

DESCRIPTION OF THE VULNERABILITY

The keyctl() system call processes user’s keys. The
KEYCTL_SESSION_TO_PARENT parameter indicates to give the keyring
to the parent process.

The key_replace_session_keyring() function of the
security/keys/process_keys.c file replaces the keyring of a
process. This function is called when KEYCTL_SESSION_TO_PARENT is
used. However, this function does not initialize the "user_ns"
field. A read is then done at an invalid memory address.

A local attacker can therefore use the keyctl() system call, in
order to create a denial of service.

ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN

http://vigilance.fr/vulnerability/Linux-kernel-denial-of-service-via-key-replace-session-keyring-10714


See previous articles

    

See next articles


Your podcast Here

New, you can have your Podcast here. Contact us for more information ask:
Marc Brami
Phone: +33 1 40 92 05 55
Mail: ipsimp@free.fr

All new podcasts