
CVE ID: CVE-2009-3624
Description: The get_instantiation_keyring function in security/keys/keyctl.c in the KEYS subsystem in the Linux kernel before 2.6.32-rc5 does not properly maintain the reference count of a keyring, which allows local users to gain privileges or cause a denial of service (OOPS) via vectors involving calls to this function without specifying a keyring by ID, as demonstrated by a series of keyctl request2 and keyctl list commands.
Test IDs: None available
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2009-3624
37086
http://secunia.com/advisories/37086
38017
http://secunia.com/advisories/38017
SUSE-SA:2010:001
http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00000.html
USN-864-1
http://www.ubuntu.com/usn/usn-864-1
[oss-security] 20091022 CVE request: kernel: get_instantiation_keyring() should inc the keyring refcount in all cases
http://marc.info/?l=oss-security&m=125619420905341&w=2
[oss-security] 20091022 Re: CVE request: kernel: get_instantiation_keyring() should inc the keyring refcount in all cases
http://marc.info/?l=oss-security&m=125624091417161&w=2
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=21279cfa107af07ef985539ac0de2152b9cba5f5
http://twitter.com/spendergrsec/statuses/4916661870
http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.32-rc5




© 1998-2025 E-Soft Inc. All rights reserved.