Extended Lifecycle Support CVE dashboard by TuxCare

CVE-2017-15274

Updated: 2022-05-25 08:48:31.899417

Description:

security/keys/keyctl.c in the Linux kernel before 4.11.5 does not consider the case of a NULL payload in conjunction with a nonzero length value, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a crafted add_key or keyctl system call, a different vulnerability than CVE-2017-12192.


Severity

| CVSS version | Severity | Score |
|---|---|---|
| CVSS Version 2.x | MEDIUM | 4.9 |
| CVSS Version 3.x | MEDIUM | 5.5 |

Status

| OS name | Project name | Version | Status | Errata | Last updated |
|---|---|---|---|---|---|
| Oracle Linux 6 ELS | kernel | 2.6.32 | Released | CLSA-2021:1634922728 | 2022-05-06 10:22:24.851526 |