[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2014-9529Date: (C)2015-01-13   (M)2024-03-25


Race condition in the key_gc_unused_keys function in security/keys/gc.c in the Linux kernel through 3.18.2 allows local users to cause a denial of service (memory corruption or panic) or possibly have unspecified other impact via keyctl commands that trigger access to a key structure member during garbage collection of a key.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 6.9
Exploit Score: 3.4
Impact Score: 10.0
 
CVSS V2 Metrics:
Access Vector: LOCAL
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE
  
Reference:
SECTRACK-1036763
BID-71880
DSA-3128
FEDORA-2015-0515
FEDORA-2015-0517
MDVSA-2015:058
RHSA-2015:0864
RHSA-2015:1137
RHSA-2015:1138
USN-2511-1
USN-2512-1
USN-2513-1
USN-2514-1
USN-2515-1
USN-2516-1
USN-2517-1
USN-2518-1
http://www.openwall.com/lists/oss-security/2015/01/06/10
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a3a8784454692dd72e5d5d34dcdab17b4420e74c
https://bugzilla.redhat.com/show_bug.cgi?id=1179813
https://github.com/torvalds/linux/commit/a3a8784454692dd72e5d5d34dcdab17b4420e74c
linux-kernel-cve20149529-dos(99641)
openSUSE-SU-2015:0714

CWE    1
CWE-362
OVAL    39
oval:org.secpod.oval:def:108525
oval:org.secpod.oval:def:108569
oval:org.secpod.oval:def:702440
oval:org.secpod.oval:def:501561
...

© SecPod Technologies