CVE-2010-1437
Published May 7, 2010
Last updated 9 months ago
Overview
- Description
- Race condition in the find_keyring_by_name function in security/keys/keyring.c in the Linux kernel 2.6.34-rc5 and earlier allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact via keyctl session commands that trigger access to a dead keyring that is undergoing deletion by the key_cleanup function.
- Source
- secalert@redhat.com
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 7
- Impact score
- 5.9
- Exploitability score
- 1
- Vector string
- CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
CVSS 2.0
- Type
- Primary
- Base score
- 4.4
- Impact score
- 6.4
- Exploitability score
- 3.4
- Vector string
- AV:L/AC:M/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- CWE-362
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6BA10979-D59C-4A33-ACC8-A110A5ACFF74",
"versionEndExcluding": "2.6.34"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.34:rc1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2033D2AE-EB00-4696-B72F-8739021D1788"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.34:rc2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "86D3F64C-3F27-43E0-B0D4-62CE1E1F4EFB"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.34:rc3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7927713B-5EB0-41EB-86A9-9935775162E0"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.34:rc4:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "59037296-3143-4FBB-AFF7-D4FE2C85502F"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.34:rc5:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9CA27FD5-7DBF-4C85-80A9-D523B2E4B033"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:opensuse:11.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FBF7B6A8-3DF9-46EC-A90E-6EF68C39F883"
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:11:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CC6C1408-671A-4436-A825-12170CFB5C9A"
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_high_availability_extension:11:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F4DA438C-CE23-4DA4-81C9-C81391784822"
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F13F07CC-739B-465C-9184-0E9D708BD4C7"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8C757774-08E7-40AA-B532-6F705C8F7639"
}
],
"operator": "OR"
}
]
}
]