CVE - CVE-2006-1522

CVE-ID
CVE-2006-1522	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
The sys_add_key function in the keyring code in Linux kernel 2.6.16.1 and 2.6.17-rc1, and possibly earlier versions, allows local users to cause a denial of service (OOPS) via keyctl requests that add a key to a user key instead of a keyring key, which causes an invalid dereference in the __keyring_search_one function.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
CONFIRM:https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=188466 CONFIRM:http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=c3a9d6541f84ac3ff566982d08389b87c1c36b4e CONFIRM:http://support.avaya.com/elmodocs2/security/ASA-2006-161.htm CONFIRM:http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.3 FEDORA:FEDORA-2006-423 URL:http://lwn.net/Alerts/180820/ MANDRIVA:MDKSA-2006:086 URL:http://www.mandriva.com/security/advisories?name=MDKSA-2006:086 REDHAT:RHSA-2006:0493 URL:http://www.redhat.com/support/errata/RHSA-2006-0493.html UBUNTU:USN-302-1 URL:http://www.ubuntu.com/usn/usn-302-1 BID:17451 URL:http://www.securityfocus.com/bid/17451 OVAL:oval:org.mitre.oval:def:9325 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9325 VUPEN:ADV-2006-1307 URL:http://www.vupen.com/english/advisories/2006/1307 VUPEN:ADV-2006-1475 URL:http://www.vupen.com/english/advisories/2006/1475 OSVDB:24507 URL:http://www.osvdb.org/24507 SECUNIA:19573 URL:http://secunia.com/advisories/19573 SECUNIA:20157 URL:http://secunia.com/advisories/20157 SECUNIA:20237 URL:http://secunia.com/advisories/20237 SECUNIA:20716 URL:http://secunia.com/advisories/20716 SECUNIA:21745 URL:http://secunia.com/advisories/21745 SECUNIA:19735 URL:http://secunia.com/advisories/19735 XF:linux-keyringsearchone-dos(25722) URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/25722
Assigning CNA
N/A
Date Entry Created
20060330	Disclaimer: The entry creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20060330)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an entry on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: cve@mitre.org