Vulnerabilities

CVE-2017-15274

by Fred · 11/10/2017

security/keys/keyctl.c in the Linux kernel before 4.11.5 does not consider the case of a NULL payload in conjunction with a nonzero length value, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a crafted add_key or keyctl system call, a different vulnerability than CVE-2017-12192.

Date published : 2017-10-11

http://www.securityfocus.com/bid/101292

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5649645d725c73df4302428ee4e02c869248b4c5

Similar

Tags: Cybersecurity Alert