The mpi_powm function in lib/mpi/mpi-pow.c in the Linux kernel through 4.8.11 does not ensure that memory is allocated for limb data, which allows local users to cause a denial of service (stack memory corruption and panic) via an add_key system call for an RSA key with a zero exponent.
References
Configurations
History
12 Feb 2023, 23:26
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Summary | The mpi_powm function in lib/mpi/mpi-pow.c in the Linux kernel through 4.8.11 does not ensure that memory is allocated for limb data, which allows local users to cause a denial of service (stack memory corruption and panic) via an add_key system call for an RSA key with a zero exponent. |
02 Feb 2023, 21:17
Type | Values Removed | Values Added |
---|---|---|
Summary | A flaw was found in the Linux kernel key management subsystem in which a local attacker could crash the kernel or corrupt the stack and additional memory (denial of service) by supplying a specially crafted RSA key. This flaw panics the machine during the verification of the RSA key. | |
References |
|
Information
Published : 2016-11-28 03:59
Updated : 2023-12-10 12:01
NVD link : CVE-2016-8650
Mitre link : CVE-2016-8650
CVE.ORG link : CVE-2016-8650
JSON object : View
Products Affected
linux
- linux_kernel