[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: [oss-security] Linux kernel: CVE-2016-8650 : Local denial of service with in key subsystem
From: Wade Mealing <wmealing () redhat ! com>
Date: 2016-11-24 23:25:20
Message-ID: CALJHwhSoFkAS5hhXWwmRD4FmCzzvVCCKUhwozwZY==FS7qZGZQ () mail ! gmail ! com
[Download RAW message or body]
Gday,
A flaw was found in the Linux kernel key management subsystem in which
a local attacker could crash the kernel (denial of service) or corrupt
the stack and additional memory by supplying a specially crafted RSA
key. This flaw panics the machine during the verification of the RSA
key and seems to do a 1 byte corruption of the stack.
This vulnerably can be triggered by any unprivileged user with a local
shell account.
Upstream fix:
https://lkml.org/lkml/2016/11/23/477
Red Hat bug:
https://bugzilla.redhat.com/show_bug.cgi?id=1395187
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic