Denial of service vulnerability in kernel via keyctl commands
|ID: oval:org.secpod.oval:def:23621||Date: (C)2015-02-27 (M)2017-09-11|
|Class: VULNERABILITY||Family: unix|
The host is installed with kernel through 3.18.2 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle keyctl commands that trigger access to a key structure member during garbage collection of a key. Successful exploitation allows local users to cause a denial of service (memory corruption or panic) or possibly have unspecified other impact.
|Red Hat Enterprise Linux 6|
|Red Hat Enterprise Linux 7|