CVE-2015-7872

Published: Nov 16, 2015

Modified: Aug 6, 2024

PUBLISHED

Description

The key_gc_unused_keys function in security/keys/gc.c in the Linux kernel through 4.2.6 allows local users to cause a denial of service (OOPS) via crafted keyctl commands.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

SUSE-SU-2015:2292

vendor-advisory

x_refsource_SUSE

RHSA-2015:2636

vendor-advisory

x_refsource_REDHAT

RHSA-2016:0212

vendor-advisory

x_refsource_REDHAT

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f05819df10d7b09f6d1eb6f8534a8f68e5a4fe61

x_refsource_CONFIRM

SUSE-SU-2016:0337

vendor-advisory

x_refsource_SUSE

SUSE-SU-2015:2350

vendor-advisory

x_refsource_SUSE

https://bugzilla.redhat.com/show_bug.cgi?id=1272172

x_refsource_CONFIRM

SUSE-SU-2016:0434

vendor-advisory

x_refsource_SUSE

USN-2826-1

vendor-advisory

x_refsource_UBUNTU

https://source.android.com/security/bulletin/2016-12-01.html

x_refsource_CONFIRM

https://bugzilla.redhat.com/show_bug.cgi?id=1272371

x_refsource_CONFIRM

USN-2840-1

vendor-advisory

x_refsource_UBUNTU

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05068676

x_refsource_CONFIRM

HPSBGN03565

vendor-advisory

x_refsource_HP

http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

x_refsource_CONFIRM

USN-2843-1

vendor-advisory

x_refsource_UBUNTU

SUSE-SU-2015:2194

vendor-advisory

x_refsource_SUSE

[oss-security] 20151020 Re: CVE request: crash when attempt to garbage collect an uninstantiated keyring - Linux kernel

mailing-list

x_refsource_MLIST

SUSE-SU-2016:0380

vendor-advisory

x_refsource_SUSE

USN-2829-2

vendor-advisory

x_refsource_UBUNTU

SUSE-SU-2016:0354

vendor-advisory

x_refsource_SUSE

USN-2843-2

vendor-advisory

x_refsource_UBUNTU

SUSE-SU-2016:0335

vendor-advisory

x_refsource_SUSE

SUSE-SU-2015:2339

vendor-advisory

x_refsource_SUSE

SUSE-SU-2015:2108

vendor-advisory

x_refsource_SUSE

http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html

x_refsource_CONFIRM

RHSA-2016:0185

vendor-advisory

x_refsource_REDHAT

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ce1fad2740c648a4340f6f6c391a8a83769d2e8c

x_refsource_CONFIRM

USN-2840-2

vendor-advisory

x_refsource_UBUNTU

https://github.com/torvalds/linux/commit/f05819df10d7b09f6d1eb6f8534a8f68e5a4fe61

x_refsource_CONFIRM

SUSE-SU-2016:0383

vendor-advisory

x_refsource_SUSE

USN-2829-1

vendor-advisory

x_refsource_UBUNTU

USN-2823-1

vendor-advisory

x_refsource_UBUNTU

SUSE-SU-2016:0386

vendor-advisory

x_refsource_SUSE

RHSA-2016:0224

vendor-advisory

x_refsource_REDHAT

SUSE-SU-2016:2074

vendor-advisory

x_refsource_SUSE

1034472

vdb-entry

x_refsource_SECTRACK

SUSE-SU-2016:0384

vendor-advisory

x_refsource_SUSE

USN-2843-3

vendor-advisory

x_refsource_UBUNTU

https://github.com/torvalds/linux/commit/ce1fad2740c648a4340f6f6c391a8a83769d2e8c

x_refsource_CONFIRM

DSA-3396

vendor-advisory

x_refsource_DEBIAN

openSUSE-SU-2016:1008

vendor-advisory

x_refsource_SUSE

SUSE-SU-2016:0387

vendor-advisory

x_refsource_SUSE

USN-2824-1

vendor-advisory

x_refsource_UBUNTU

77544

vdb-entry

x_refsource_BID

SUSE-SU-2016:0381

vendor-advisory

x_refsource_SUSE

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2015-7872

Description

Affected Products

References