CVE-2014-3631

by Fred · 28/09/2014

The assoc_array_gc function in the associative-array implementation in lib/assoc_array.c in the Linux kernel before 3.16.3 does not properly implement garbage collection, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via multiple "keyctl newring" operations followed by a "keyctl timeout" operation.

Date published : 2014-09-28

http://www.securityfocus.com/bid/70095

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=95389b08d93d5c06ec63ab49bd732b0069b7c35e

CVE-2014-3631

Similar

Recent Posts

Categories

CVE-2014-3631

Share this:

Similar

Recent Posts

Categories

Tags