CVE ID:	CVE-2010-2960
Description:	The keyctl_session_to_parent function in security/keys/keyctl.c in the Linux kernel 2.6.35.4 and earlier expects that a certain parent session keyring exists, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a KEYCTL_SESSION_TO_PARENT argument to the keyctl function.
Test IDs:	1.3.6.1.4.1.25623.1.0.67963   1.3.6.1.4.1.25623.1.0.68062   1.3.6.1.4.1.25623.1.0.68064   1.3.6.1.4.1.25623.1.0.68066
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2010-2960 http://www.openwall.com/lists/oss-security/2010/09/02/1 http://twitter.com/taviso/statuses/22777866582 SuSE Security Announcement: SUSE-SA:2010:050 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00003.html SuSE Security Announcement: SUSE-SA:2011:007 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html http://www.ubuntu.com/usn/USN-1000-1 BugTraq ID: 42932 http://www.securityfocus.com/bid/42932 http://securitytracker.com/id?1024384 http://secunia.com/advisories/41263 http://www.vupen.com/english/advisories/2011/0298 XForce ISS Database: linux-kernel-keyctl-dos(61557) http://xforce.iss.net/xforce/xfdb/61557

New User Registration Email: UserID: Passwd: Please email me your monthly newsletters, informing the latest services, improvements & surveys. Please email me a vulnerability test announcement whenever a new test is added.     Privacy

Registered User Login   UserID:     Passwd:     Forgot userid or passwd? Email/Userid: