CVE-2006-1522 - Secunia.com

CVE Reference: CVE-2006-1522
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2006-1522

Description: The sys_add_key function in the keyring code in Linux kernel 2.6.16.1 and 2.6.17-rc1, and possibly earlier versions, allows local users to cause a denial of service (OOPS) via keyctl requests that add a key to a user key instead of a keyring key, which causes an invalid dereference in the __keyring_search_one function.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/25722 UBUNTU http://www.ubuntu.com/usn/usn-302-1 SAID Secunia Advisory: SA19573 Secunia Advisory: SA20157 Secunia Advisory: SA20237 Secunia Advisory: SA20716 Secunia Advisory: SA21745 Secunia Advisory: SA19735 REDHAT http://www.redhat.com/support/errata/RHSA-2006-0493.html OVAL http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9325 OSVDB 24507 MANDRIVA http://www.mandriva.com/security/advisories?name=MDKSA-2006:086 FEDORA http://lwn.net/Alerts/180820/ CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2006-161.htm http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.3 http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=c3a9d6541f84ac3ff566982d08389b87c1c36b4e BID 17451

Return to the previous page.

Secunia