Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

CVE-2014-0102

Published

10 years ago

Last Modified

3 years ago

CVSSv2.0 Severity

Medium

Impact Analysis

Share on Facebook
Share on LinkedIn
Share on Twitter

The keyring_detect_cycle_iterator function in security/keys/keyring.c in the Linux kernel through 3.13.6 does not properly determine whether keyrings are identical, which allows local users to cause a denial of service (OOPS) via crafted keyctl commands..

CVSSv2.0 Score

Severity: Medium
Base Score: 5.2/10
Exploit Score: 4.4/10
Access Vector: Adjacent_network
Access Complexity: Medium
Authentication Required: Single
Impact Score: 6.9/10
Confidentiality Impact: None
Availability Impact: Complete
Integrity Impact: None

Products Affected

CPE	Affected	Vulnerable	Excluding	Edit
cpe:2.3:o:linux:linux_kernel::::::::	Yes	-	-

References

http://www.openwall.com/lists/oss-security/2014/03/04/21
http://lkml.org/lkml/2014/2/27/507
https://bugzilla.redhat.com/show_bug.cgi?id=1072419
http://www.kernelhub.org/?msg=425013&p=2