Updated: 2023-11-07 19:22:30.939878
Description:
It was discovered in the Linux kernel before 4.11-rc8 that root can gain direct access to an internal keyring, such as '.dns_resolver' in RHEL-7 or '.builtin_trusted_keys' upstream, by joining it as its session keyring. This allows root to bypass module signature verification by adding a new public key of its own devising to the keyring.
Links | NIST | CIRCL | RHEL | Ubuntu |
Severity | Score | |
---|---|---|
CVSS Version 2.x | LOW | 2.1 |
CVSS Version 3.x | MEDIUM | 4.4 |
OS name | Project name | Version | Score | Severity | Status | Errata | Last updated |
---|---|---|---|---|---|---|---|
Oracle Linux 6 ELS | kernel | 2.6.32 | 4.4 | MEDIUM | Released | CLSA-2021:1634922728 | 2022-05-06 10:22:21 |