CVE-2009-3624

CVE-2009-3624 · MEDIUM Severity

AV:L/AC:L/AU:N/C:P/I:P/A:P

The get_instantiation_keyring function in security/keys/keyctl.c in the KEYS subsystem in the Linux kernel before 2.6.32-rc5 does not properly maintain the reference count of a keyring, which allows local users to gain privileges or cause a denial of service (OOPS) via vectors involving calls to this function without specifying a keyring by ID, as demonstrated by a series of keyctl request2 and keyctl list commands.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.