Lucene search
SecurityvulnsSECURITYVULNS:DOC:12192HistoryApr 12, 2006 - 12:00 a.m.
ChangeLog-2.6.16.3
2006-04-1200:00:00
vulners.com
13
commit e2c78fb27dd13ab8c778a9689affe95c92030a32
Author: Greg Kroah-Hartman <[email protected]>
Date: Mon Apr 10 22:27:44 2006 -0700
Linux 2.6.16.3
commit 5494bd6a500cc7c5a502279eabfbdacccd4b89d1
Author: David Howells <[email protected]>
Date: Mon Apr 10 17:01:40 2006 +0000
[PATCH] Keys: Fix oops when adding key to non-keyring [CVE-2006-1522]
This fixes the problem of an oops occuring when a user attempts to add a
key to a non-keyring key [CVE-2006-1522].
The problem is that __keyring_search_one() doesn't check that the
keyring it's been given is actually a keyring.
I've fixed this problem by:
(1) declaring that caller of __keyring_search_one() must guarantee that
the keyring is a keyring; and
(2) making key_create_or_update() check that the keyring is a keyring,
and return -ENOTDIR if it isn't.
This can be tested by:
keyctl add user b b `keyctl add user a a @s`
Signed-off-by: David Howells <[email protected]>
Signed-off-by: Linus Torvalds <[email protected]>
Signed-off-by: Greg Kroah-Hartman <[email protected]>
Related
cve
cve
CVE-2006-1522
2006-04-10 20:02:00
prion
prion
Code injection
2006-04-10 20:02:00
ubuntucve
ubuntucve
CVE-2006-1522
2006-04-10 00:00:00
nessus
nessus
Fedora Core 4 : kernel-2.6.16-1.2096_FC4 (2006-423)
2006-04-21 00:00:00
Fedora Core 5 : kernel-2.6.16-1.2096_FC5 (2006-421)
2006-04-21 00:00:00
Mandrake Linux Security Advisory : kernel (MDKSA-2006:086)
2006-05-19 00:00:00
centos
centos
kernel security update
2006-05-24 16:31:10
redhat
redhat
(RHSA-2006:0493) kernel security update
2006-05-24 00:00:00
ubuntu
ubuntu
Linux kernel vulnerabilities
2006-06-15 00:00:00
Related for SECURITYVULNS:DOC:12192