retired/CVE-2010-1437


1
2
3
4
5
6
7
8
9
10
11

Candidate: CVE-2010-1437
Description: find_keyring_by_name() can gain the freed keyring
References:
 http://www.openwall.com/lists/oss-security/2010/04/27/2
Notes:
Bugs:
upstream: released (2.6.34-rc6) [03449cd9]
2.6.32-upstream-stable: released (2.6.32.13)
linux-2.6: released (2.6.32-13) [bugfix/all/keys-the-request_key-syscall-should-link-an-existing-key-to-the-dest-keyring.patch]
2.6.26-lenny-security: released (2.6.26-22lenny1) [bugfix/all/keys-find_keyring_by_name-can-gain-access-to-a-freed-keyring.patch]
2.6.32-squeeze-security: released (2.6.32-13) [bugfix/all/keys-the-request_key-syscall-should-link-an-existing-key-to-the-dest-keyring.patch]