The assoc_array_gc function in the associative-array implementation in lib/assoc_array.c in the Linux kernel before 3.16.3 does not properly implement garbage collection, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via multiple "keyctl newring" operations followed by a "keyctl timeout" operation.
http://osvdb.org/show/osvdb/111298
http://www.exploit-db.com/exploits/36268
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.16.3
http://www.securityfocus.com/bid/70095
http://www.ubuntu.com/usn/USN-2378-1
http://www.ubuntu.com/usn/USN-2379-1
https://bugzilla.redhat.com/show_bug.cgi?id=1140325
https://github.com/torvalds/linux/commit/95389b08d93d5c06ec63ab49bd732b0069b7c35e
Source: MITRE
Published: 2014-09-28
Updated: 2015-03-18
Type: NVD-CWE-Other
Base Score: 7.2
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Impact Score: 10
Exploitability Score: 3.9
Severity: HIGH
Affected configurations (OR):
cpe:2.3:o:linux:linux_kernel:3.16.0:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.16.1:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions up to 3.16.2 (inclusive)

ID | Name | Product | Family | Severity |
---|---|---|---|---|
125301 | EulerOS Virtualization for ARM 64 3.0.1.0 : kernel (EulerOS-SA-2019-1508) | Nessus | Huawei Local Security Checks | high |
124804 | EulerOS Virtualization 3.0.1.0 : kernel (EulerOS-SA-2019-1480) | Nessus | Huawei Local Security Checks | high |
81800 | Oracle Linux 7 : kernel (ELSA-2015-0290) | Nessus | Oracle Linux Local Security Checks | high |
80014 | Scientific Linux Security Update : kernel on SL7.x x86_64 (20141209) | Nessus | Scientific Linux Local Security Checks | high |
79876 | CentOS 7 : kernel (CESA-2014:1971) | Nessus | CentOS Local Security Checks | high |
79848 | RHEL 7 : kernel (RHSA-2014:1971) | Nessus | Red Hat Local Security Checks | high |
79845 | Oracle Linux 7 : kernel (ELSA-2014-1971) | Nessus | Oracle Linux Local Security Checks | high |
78259 | Ubuntu 14.04 LTS : linux vulnerabilities (USN-2379-1) | Nessus | Ubuntu Local Security Checks | high |
78258 | Ubuntu 12.04 LTS : linux-lts-trusty vulnerabilities (USN-2378-1) | Nessus | Ubuntu Local Security Checks | high |
77794 | Fedora 21 : kernel-3.16.2-301.fc21 (2014-10693) | Nessus | Fedora Local Security Checks | high |