MeeGo alert MeeGo-SA-10:15 (kernel)
From: "Ware, Ryan R" <ryan.r.ware@intel.com>
To: "meego-security@meego.com" <meego-security@meego.com>
Subject: [MeeGo-security] [MeeGo-SA-10:15.kernel] find_keyring_by_name Can Gain Freed Keyring
Date: Fri, 27 Aug 2010 16:22:36 -0700
Message-ID: <C89D96CC.363B0%ryan.r.ware@intel.com>

===========================================================================
MeeGo-SA-10:15.kernel Security Advisory
MeeGo Project

Topic: find_keyring_by_name Can Gain Freed Keyring
Category: Linux Kernel
Module: kernel-netbook
Announced: August 3, 2010
Affects: MeeGo 1.0
Corrected: August 3, 2010
MeeGo BID: 2192
CVE: CVE-2010-1437

For general information regarding MeeGo Security Advisories, including
descriptions of the fields above, security branches, and the following
sections, please visit <URL:http://www.MeeGo.com/>.

I. Background

From Wikipedia: "The Linux kernel is an operating system kernel used by the
Linux family of Unix-like operating systems. It is one of the most prominent
examples of free and open source software."

II. Problem Description

Race condition in the find_keyring_by_name function in
security/keys/keyring.c in the Linux kernel 2.6.34-rc5 and earlier allows
local users to cause a denial of service (memory corruption and system crash)
or possibly have unspecified other impact via keyctl session commands that
trigger access to a dead keyring that is undergoing deletion by the
key_cleanup function.

CVSS v2 Base: 1.9 (LOW)
Access Vector: Locally Exploitable

III. Impact

Potential access to dead keyring because of race condition (CWE-362)

IV. Workaround

None

V. Solution

Update to package kernel-netbook-2.6.33.5-24.1 or later.

VI. References

http://bugs.meego.com/show_bug.cgi?id=2192
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-...
http://cwe.mitre.org/data/definitions/362.html
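
The race in section II, as an added example that is not part of the advisory or the kernel source: a userspace C model in which a name lookup finds an entry whose last reference is already gone but which deferred cleanup has not yet unlinked. The struct, the function names and the constructed "session" entry are assumptions for illustration; the hardened lookup takes a reference only while the count is nonzero.

```c
#include <stdatomic.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical, simplified stand-in for a named, refcounted keyring. */
struct keyring {
    const char *name;
    atomic_int usage;      /* 0 = dead: deferred cleanup will free it */
    struct keyring *next;  /* link in the by-name list */
};

/* Take a reference only while the object is still live (usage > 0). */
static int get_unless_zero(struct keyring *k) {
    int old = atomic_load(&k->usage);
    while (old != 0)
        if (atomic_compare_exchange_weak(&k->usage, &old, old + 1))
            return 1;
    return 0;
}

/* Racy lookup: revives any entry still linked, including dead ones. */
struct keyring *find_racy(struct keyring *list, const char *name) {
    for (struct keyring *k = list; k; k = k->next)
        if (strcmp(k->name, name) == 0) {
            atomic_fetch_add(&k->usage, 1);  /* 0 -> 1 on a dead entry */
            return k;
        }
    return NULL;
}

/* Hardened lookup: skips entries whose last reference is already gone. */
struct keyring *find_safe(struct keyring *list, const char *name) {
    for (struct keyring *k = list; k; k = k->next)
        if (strcmp(k->name, name) == 0 && get_unless_zero(k))
            return k;
    return NULL;
}

/* Constructed state: one linked entry; returns count after lookup or -1. */
int usage_after_lookup(int safe, int initial) {
    struct keyring k = { .name = "session" };
    atomic_init(&k.usage, initial);
    struct keyring *hit = safe ? find_safe(&k, "session") : find_racy(&k, "session");
    return hit ? atomic_load(&hit->usage) : -1;
}

int main(void) {
    printf("dead entry: racy=%d safe=%d\n", usage_after_lookup(0, 0), usage_after_lookup(1, 0));
    return 0;
}
```

With an initial count of 0 the racy lookup hands back the dead entry with its count raised to 1, while the hardened lookup reports no match; live entries behave the same in both.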