CVE-2009-3624
The get_instantiation_keyring function in security/keys/keyctl.c in the KEYS subsystem in the Linux kernel before 2.6.32-rc5 does not properly maintain the reference count of a keyring, which allows local users to gain privileges or cause a denial of service (OOPS) via vectors involving calls to this function without specifying a keyring by ID, as demonstrated by a series of keyctl request2 and keyctl list commands.
Date published : 2009-11-02
http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.32-rc5