CVE - CVE-2006-1522

CVE-ID
CVE-2006-1522	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
The sys_add_key function in the keyring code in Linux kernel 2.6.16.1 and 2.6.17-rc1, and possibly earlier versions, allows local users to cause a denial of service (OOPS) via keyctl requests that add a key to a user key instead of a keyring key, which causes an invalid dereference in the __keyring_search_one function.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:17451 URL:http://www.securityfocus.com/bid/17451 MISC:19573 URL:http://secunia.com/advisories/19573 MISC:19735 URL:http://secunia.com/advisories/19735 MISC:20157 URL:http://secunia.com/advisories/20157 MISC:20237 URL:http://secunia.com/advisories/20237 MISC:20716 URL:http://secunia.com/advisories/20716 MISC:21745 URL:http://secunia.com/advisories/21745 MISC:24507 URL:~~http://www.osvdb.org/24507~~ (Obsolete source) MISC:ADV-2006-1307 URL:~~http://www.vupen.com/english/advisories/2006/1307~~ (Obsolete source) MISC:ADV-2006-1475 URL:~~http://www.vupen.com/english/advisories/2006/1475~~ (Obsolete source) MISC:FEDORA-2006-423 URL:http://lwn.net/Alerts/180820/ MISC:MDKSA-2006:086 URL:~~http://www.mandriva.com/security/advisories?name=MDKSA-2006:086~~ (Obsolete source) MISC:RHSA-2006:0493 URL:http://www.redhat.com/support/errata/RHSA-2006-0493.html MISC:USN-302-1 URL:http://www.ubuntu.com/usn/usn-302-1 MISC:http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.3 URL:http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.3 MISC:http://support.avaya.com/elmodocs2/security/ASA-2006-161.htm URL:http://support.avaya.com/elmodocs2/security/ASA-2006-161.htm MISC:http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c3a9d6541f84ac3ff566982d08389b87c1c36b4e URL:http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c3a9d6541f84ac3ff566982d08389b87c1c36b4e MISC:https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=188466 URL:https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=188466 MISC:linux-keyringsearchone-dos(25722) URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/25722 MISC:oval:org.mitre.oval:def:9325 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9325
Assigning CNA
Red Hat, Inc.
Date Record Created
20060330	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20060330)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)

Site Map | Terms of Use | Privacy Policy | Contact Us | Follow CVE

Use of the CVE® List and the associated references from this website are subject to the terms of use. CVE is sponsored by the U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA). Copyright © 1999–2024, The MITRE Corporation. CVE and the CVE logo are registered trademarks of The MITRE Corporation.