Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The KEYCTL_JOIN_SESSION_KEYRING operation in the Linux kernel before 2.6.12.5 contains an error path that does not properly release the session management semaphore, which allows local users or remote attackers to cause a denial of service (semaphore hang) via a new session keyring (1) with an empty name string, (2) with a long name string, (3) with the key quota reached, or (4) ENOMEM.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Linux Kernel 本地拒绝服务漏洞
Vulnerability Description
Linux内核2.6.12.5之前的版本中 KEYCTL_JOIN_SESSION_KEYRING运算包含错误路径,该错误路径不能正确地释放会话管理信号量。这使得本地用户或远程攻击者可以借助于带有(1)空名称字符串的新会话钥匙圈,带有(2)长的名称字符串的新会话钥匙圈,带有(3)达到的钥匙配额会话钥匙圈或(4)ENOMEM,造成拒绝服务(信号量挂起)。
CVSS Information
N/A
Vulnerability Type
N/A