4.9
CVE-2006-1522
- EPSS 0.44%
- Veröffentlicht 10.04.2006 20:02:00
- Zuletzt bearbeitet 16.06.2026 22:23:07
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
The sys_add_key function in the keyring code in Linux kernel 2.6.16.1 and 2.6.17-rc1, and possibly earlier versions, allows local users to cause a denial of service (OOPS) via keyctl requests that add a key to a user key instead of a keyring key, which causes an invalid dereference in the __keyring_search_one function.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version2.6.16.1
Linux ≫ Linux Kernel Version2.6.17 Updaterc1
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.44% | 0.348 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.9 | 3.9 | 6.9 |
AV:L/AC:L/Au:N/C:N/I:N/A:C
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
http://secunia.com/advisories/20237
http://secunia.com/advisories/21745
http://support.avaya.com/elmodocs2/security/ASA-2006-161.htm
http://www.redhat.com/support/errata/RHSA-2006-0493.html
http://secunia.com/advisories/20157
http://www.mandriva.com/security/advisories?name=MDKSA-2006:086
http://secunia.com/advisories/20716
http://www.ubuntu.com/usn/usn-302-1
http://lwn.net/Alerts/180820/
http://secunia.com/advisories/19735
http://www.vupen.com/english/advisories/2006/1475
http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.3
http://secunia.com/advisories/19573
http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c3a9d6541f84ac3ff566982d08389b87c1c36b4e
http://www.osvdb.org/24507
http://www.securityfocus.com/bid/17451
http://www.vupen.com/english/advisories/2006/1307
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=188466
https://exchange.xforce.ibmcloud.com/vulnerabilities/25722
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9325