KEYS subsystem vulnerability in Linux kernel through 4.13.7 allows for denial of service and potential system crash
CVE-2017-15299 · MEDIUM Severity
AV:L/AC:L/AU:N/C:N/I:N/A:C
The KEYS subsystem in the Linux kernel through 4.13.7 mishandles use of add_key for a key that already exists but is uninstantiated, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted system call.
Learn more about our Cis Benchmark Audit For Distribution Independent Linux.