The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.
Linux kernel: NULL pointer dereference via keyring_search_aux
Synthesis of the vulnerability
An attacker can force a NULL pointer to be dereferenced via keyring_search_aux() in the Linux kernel, in order to trigger a denial of service.
Impacted systems: Debian, QRadar SIEM, Linux, RHEL, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity of this alert: 2/4.
Consequences of an intrusion: denial of service on server, denial of service on service.
Attacker's origin: user shell.
Creation date: 17/03/2017.
References of this alert: 2011746, CERTFR-2017-AVI-162, CERTFR-2017-AVI-282, CERTFR-2017-AVI-287, CERTFR-2017-AVI-288, CERTFR-2017-AVI-307, CERTFR-2017-AVI-311, CERTFR-2017-AVI-390, CVE-2017-6951, DLA-922-1, RHSA-2017:1842-01, RHSA-2017:2077-01, RHSA-2017:2669-01, SUSE-SU-2017:1360-1, SUSE-SU-2017:2342-1, SUSE-SU-2017:2389-1, SUSE-SU-2017:2525-1, SUSE-SU-2017:2920-1, USN-3422-1, USN-3422-2, VIGILANCE-VUL-22169.
Description of the vulnerability
The Linux kernel manages cryptographic keys, notably for use in IPsec.
However, in the "request_key" system call, the function keyring_search_aux() does not check whether a pointer is NULL before using it.
An attacker can therefore force a NULL pointer to be dereferenced via keyring_search_aux() in the Linux kernel, in order to trigger a denial of service.
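For triage on the listed distributions, the following added example (not part of the Vigil@nce bulletin) scans kernel log text for NULL pointer dereference reports whose call trace names keyring_search_aux(). The log lines, addresses, process names and version string are constructed, and the oops wording is an assumption, since it varies by architecture and kernel version.

```python
import re

# Constructed sample in dmesg format (not from a real system): two oops
# reports, only the first of which passes through keyring_search_aux().
SAMPLE_LOG = """\
[  812.104233] BUG: unable to handle kernel NULL pointer dereference at (null)
[  812.104260] CPU: 1 PID: 2311 Comm: example_proc Not tainted 0.0.0-placeholder #1
[  812.104275] Call Trace:
[  812.104281]  [<ffffffff00000001>] keyring_search_aux+0xb6/0xd0
[  812.104288]  [<ffffffff00000002>] keyring_search+0x5e/0x90
[  812.104301] ---[ end trace 0000000000000001 ]---
[  990.500010] usb 1-1: new high-speed USB device number 4 using xhci_hcd
[ 1203.700100] BUG: unable to handle kernel NULL pointer dereference at 0000000000000010
[ 1203.700120] CPU: 0 PID: 77 Comm: other_proc Not tainted 0.0.0-placeholder #1
[ 1203.700140]  [<ffffffff00000003>] some_driver_irq+0x12/0x40
[ 1203.700150] ---[ end trace 0000000000000002 ]---
"""

STAMP = re.compile(r"^\[\s*(\d+\.\d+)\]\s?(.*)$")           # dmesg timestamp prefix
HEADER = re.compile(r"kernel NULL pointer dereference", re.I)
PROC = re.compile(r"PID: (\d+) Comm: (\S+)")
FRAME = re.compile(r"\bkeyring_search_aux\+0x")             # symbol+offset in a trace
END = re.compile(r"---\[ end trace")

def find_keyring_oops(text):
    """Return one dict per NULL-dereference report that names keyring_search_aux()."""
    hits, cur = [], None

    def flush(report):
        if report and report["match"]:
            hits.append(report)

    for raw in text.splitlines():
        m = STAMP.match(raw)
        stamp, msg = (m.group(1), m.group(2)) if m else (None, raw)
        if HEADER.search(msg):            # new report; keep an unterminated one
            flush(cur)
            cur = {"time": stamp, "pid": None, "comm": None, "match": False}
        elif cur is not None:
            p = PROC.search(msg)
            if p:
                cur["pid"], cur["comm"] = int(p.group(1)), p.group(2)
            cur["match"] = cur["match"] or bool(FRAME.search(msg))
            if END.search(msg):
                flush(cur)
                cur = None
    flush(cur)                            # log cut off before the end marker
    return hits
```

Each returned entry carries the timestamp, PID and command name of the process that was running when the report was logged, which is the starting point for correlating with the "user shell" origin stated above.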