The KEYS subsystem in the Linux kernel before 4.10.13 allows local users to cause a denial of service (memory consumption) via a series of KEY_REQKEY_DEFL_THREAD_KEYRING keyctl_set_reqkey_keyring calls.
References
Configurations
History
12 Feb 2023, 23:30
Type | Values Removed | Values Added |
---|---|---|
Summary | The KEYS subsystem in the Linux kernel before 4.10.13 allows local users to cause a denial of service (memory consumption) via a series of KEY_REQKEY_DEFL_THREAD_KEYRING keyctl_set_reqkey_keyring calls. | |
References |
|
02 Feb 2023, 15:17
Type | Values Removed | Values Added |
---|---|---|
Summary | A vulnerability was found in the Linux kernel where the keyctl_set_reqkey_keyring() function leaks the thread keyring. This allows an unprivileged local user to exhaust kernel memory and thus cause a DoS. | |
References |
|
Information
Published : 2017-05-11 19:29
Updated : 2023-12-10 12:01
NVD link : CVE-2017-7472
Mitre link : CVE-2017-7472
CVE.ORG link : CVE-2017-7472
JSON object : View
Products Affected
linux
- linux_kernel
CWE
CWE-404
Improper Resource Shutdown or Release