Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2017-15951

The KEYS subsystem in the Linux kernel before 4.13.10 does not correctly synchronize the actions of updating versus finding a key in the "negative" state to avoid a race condition, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls.

Related bugs and status

CVE-2017-15951 (Candidate) is related to these bugs:

Bug #1775370: request_key03 in LTP syscall test cause kernel oops with T kernel

		In	Importance	Status
1775370	request_key03 in LTP syscall test cause kernel oops with T kernel	linux (Ubuntu)	Medium	Fix Committed
1775370	request_key03 in LTP syscall test cause kernel oops with T kernel	ubuntu-kernel-tests	Undecided	Fix Released
1775370	request_key03 in LTP syscall test cause kernel oops with T kernel	linux (Ubuntu Trusty)	Medium	Fix Committed

See the

CVE page on Mitre.org for more details.

References

CONFIRM: http://git.kernel.org/...
CONFIRM: http://www.kernel.org/...
CONFIRM: https://github.com/tor...
BID: 101621