The get_instantiation_keyring function in security/keys/keyctl.c in the KEYS subsystem in the Linux kernel before 2.6.32-rc5 does not properly maintain the reference count of a keyring, which allows local users to gain privileges or cause a denial of service (OOPS) via vectors involving calls to this function without specifying a keyring by ID, as demonstrated by a series of keyctl request2 and keyctl list commands.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2009-11-02T15:00:00

Updated: 2024-08-07T06:38:28.323Z

Reserved: 2009-10-09T00:00:00

Link: CVE-2009-3624

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2009-11-02T15:30:00.563

Modified: 2024-11-21T01:07:49.993

Link: CVE-2009-3624

cve-icon Redhat

Severity : Important

Publid Date: 2009-10-15T00:00:00Z

Links: CVE-2009-3624 - Bugzilla