Denial of service vulnerability in kernel via keyctl commandsDeprecated |
ID: oval:org.secpod.oval:def:23621 | Date: (C)2015-02-27 (M)2024-03-20 |
Class: VULNERABILITY | Family: unix |
The host is installed with kernel through 3.18.2 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle keyctl commands that trigger access to a key structure member during garbage collection of a key. Successful exploitation allows local users to cause a denial of service (memory corruption or panic) or possibly have unspecified other impact.
Platform: |
Red Hat Enterprise Linux 6 |
Red Hat Enterprise Linux 7 |