Title: Linux Kernel Key_User_Lookup() Local Parent Deletion Race Vulnerability
Severity: MODERATE
Description:
The Linux kernel contains a keyring module that is designed to allow for the storage and maintenance of local key data for operations such as storing Kerberos credentials.
The Linux kernel is susceptible to a local race condition vulnerability in the key_user_lookup() function. This issue only presents itself on SMP capable systems.
When calling the key_user_lookup() function to search for keys, it is possible to causing the kernel to inadvertently deference a NULL pointer while traversing the key storage memory tree. This occurs by exploiting a race condition between setting a pointer, and accessing it in simultaneous calls to key_user_lookup().
This vulnerability allows local attackers to crash the kernel, denying service to legitimate users.
Affected Products:
- Linux kernel 2.6.10
- Linux kernel 2.6.11
- Linux kernel 2.6.11 -rc2
- Linux kernel 2.6.11 -rc3
- Linux kernel 2.6.11 -rc4
- Linux kernel 2.6.11 .5
- Linux kernel 2.6.11 .6
- Linux kernel 2.6.11 .7
- Linux kernel 2.6.11 .8
- RedHat Fedora Core2
- RedHat Fedora Core3
- RedHat Fedora Core4
- Trustix Secure Linux 3.0.0
- Ubuntu Ubuntu Linux 5.0.0 4 amd64
- Ubuntu Ubuntu Linux 5.0.0 4 i386
- Ubuntu Ubuntu Linux 5.0.0 4 powerpc
Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.
