Back to search
CVE-2010-2960
Published: Sep 8, 2010
Modified: Aug 7, 2024
PUBLISHED
Description
The keyctl_session_to_parent function in security/keys/keyctl.c in the Linux kernel 2.6.35.4 and earlier expects that a certain parent session keyring exists, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a KEYCTL_SESSION_TO_PARENT argument to the keyctl function.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
USN-1000-1
vendor-advisory
x_refsource_UBUNTU
[oss-security] 20100902 CVE-2010-2960 kernel: keyctl_session_to_parent null ptr deref
mailing-list
x_refsource_MLIST
linux-kernel-keyctl-dos(61557)
vdb-entry
x_refsource_XF
42932
vdb-entry
x_refsource_BID
SUSE-SA:2011:007
vendor-advisory
x_refsource_SUSE
ADV-2011-0298
vdb-entry
x_refsource_VUPEN
41263
third-party-advisory
x_refsource_SECUNIA
SUSE-SA:2010:050
vendor-advisory
x_refsource_SUSE
http://twitter.com/taviso/statuses/22777866582
x_refsource_MISC
1024384
vdb-entry
x_refsource_SECTRACK
https://bugzilla.redhat.com/show_bug.cgi?id=627440
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now