cve/2013/CVE-2013-1792.md

CVE-2013-1792

Description

Race condition in the install_user_keyrings function in security/keys/process_keys.c in the Linux kernel before 3.8.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) via crafted keyctl system calls that trigger keyring operations in simultaneous threads.

POC

Reference

• http://www.mandriva.com/security/advisories?name=MDVSA-2013:176
• http://www.ubuntu.com/usn/USN-1788-1
• http://www.ubuntu.com/usn/USN-1797-1

Github

• https://github.com/wcventure/PERIOD