CVE-2017-7472

Published: May 11, 2017

Modified: Aug 5, 2024

PUBLISHED

Description

The KEYS subsystem in the Linux kernel before 4.10.13 allows local users to cause a denial of service (memory consumption) via a series of KEY_REQKEY_DEFL_THREAD_KEYRING keyctl_set_reqkey_keyring calls.

Vendor	Product	Versions
n/a	Linux kernel before 4.10.13	affected `Linux kernel before 4.10.13`

References

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c9f838d104fed6f2f61d68164712e3204bf5271b

x_refsource_CONFIRM

https://lkml.org/lkml/2017/4/3/724

x_refsource_CONFIRM

RHSA-2018:0181

vendor-advisory

x_refsource_REDHAT

https://bugzilla.redhat.com/show_bug.cgi?id=1442086

x_refsource_CONFIRM

https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.10.13

x_refsource_CONFIRM

SUSE-SU-2018:0011

vendor-advisory

x_refsource_SUSE

RHSA-2018:0152

vendor-advisory

x_refsource_REDHAT

https://github.com/torvalds/linux/commit/c9f838d104fed6f2f61d68164712e3204bf5271b

x_refsource_CONFIRM

98422

vdb-entry

x_refsource_BID

1038471

vdb-entry

x_refsource_SECTRACK

https://bugzilla.novell.com/show_bug.cgi?id=1034862

x_refsource_CONFIRM

42136

exploit

x_refsource_EXPLOIT-DB

http://openwall.com/lists/oss-security/2017/05/11/1

x_refsource_CONFIRM

RHSA-2018:0151

vendor-advisory

x_refsource_REDHAT

https://lkml.org/lkml/2017/4/1/235

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2017-7472

Description

Affected Products

References