The user_update function in security/keys/user_defined.c...
Low severity
Unreviewed
Published
May 17, 2022
to the GitHub Advisory Database
•
Updated Feb 10, 2023
Description
Published by the National Vulnerability Database
Jan 27, 2012
Published to the GitHub Advisory Database
May 17, 2022
Last updated
Feb 10, 2023
The user_update function in security/keys/user_defined.c in the Linux kernel 2.6 allows local users to cause a denial of service (NULL pointer dereference and kernel oops) via vectors related to a user-defined key and "updating a negative key into a fully instantiated key."
References