The sys_add_key function in the keyring code in Linux kernel 2.6.16.1 and 2.6.17-rc1, and possibly earlier versions, allows local users to cause a denial of service (OOPS) via keyctl requests that add a key to a user key instead of a keyring key, which causes an invalid dereference in the __keyring_search_one function.
References
Configurations
Configuration 1 (hide)
|
History
13 Feb 2023, 02:16
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Information
Published : 2006-04-10 20:02
Updated : 2023-12-10 10:28
NVD link : CVE-2006-1522
Mitre link : CVE-2006-1522
CVE.ORG link : CVE-2006-1522
JSON object : View
Products Affected
linux
- linux_kernel
CWE
CWE-20
Improper Input Validation