NVD Vulnerability Detail

CVE-2015-7872

Summary	The key_gc_unused_keys function in security/keys/gc.c in the Linux kernel through 4.2.6 allows local users to cause a denial of service (OOPS) via crafted keyctl commands.
Publication Date	Nov. 16, 2015, 8:59 p.m.
Registration Date	Jan. 26, 2021, 2:57 p.m.
Last Update	Nov. 21, 2024, 11:37 a.m.

CVSS2.0 : LOW
Score	2.1
Vector	AV:L/AC:L/Au:N/C:N/I:N/A:P
攻撃元区分(AV)	ローカル
攻撃条件の複雑さ(AC)	低
攻撃前の認証要否(Au)	不要
機密性への影響(C)	なし
完全性への影響(I)	なし
可用性への影響(A)	低
Get all privileges.	いいえ
Get user privileges	いいえ
Get other privileges	いいえ
User operation required	いいえ

Affected software configurations

Configuration1		or higher	or less	more than	less than
cpe:2.3:o:linux:linux_kernel::::::::			4.2.6

Related information, measures and tools

No	URL	タグ
1	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ce1fad2740c648a4340f6f6c391a8a83769d2e8c
2	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ce1fad2740c648a4340f6f6c391a8a83769d2e8c
3	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f05819df10d7b09f6d1eb6f8534a8f68e5a4fe61	Vendor Advisory
4	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f05819df10d7b09f6d1eb6f8534a8f68e5a4fe61	Vendor Advisory
5	http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00035.html
6	http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00035.html
7	http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00005.html
8	http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00005.html
9	http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00018.html
10	http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00018.html
11	http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00026.html
12	http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00026.html
13	http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00031.html
14	http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00031.html
15	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00007.html
16	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00007.html
17	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00009.html
18	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00009.html
19	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00013.html
20	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00013.html
21	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00017.html
22	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00017.html
23	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00018.html
24	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00018.html
25	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00019.html
26	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00019.html
27	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00020.html
28	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00020.html
29	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00021.html
30	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00021.html
31	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00022.html
32	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00022.html
33	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00034.html
34	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00034.html
35	http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html
36	http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html
37	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html
38	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html
39	http://marc.info/?l=bugtraq&m=145975164525836&w=2
40	http://marc.info/?l=bugtraq&m=145975164525836&w=2
41	http://rhn.redhat.com/errata/RHSA-2015-2636.html
42	http://rhn.redhat.com/errata/RHSA-2015-2636.html
43	http://rhn.redhat.com/errata/RHSA-2016-0185.html
44	http://rhn.redhat.com/errata/RHSA-2016-0185.html
45	http://rhn.redhat.com/errata/RHSA-2016-0212.html
46	http://rhn.redhat.com/errata/RHSA-2016-0212.html
47	http://rhn.redhat.com/errata/RHSA-2016-0224.html
48	http://rhn.redhat.com/errata/RHSA-2016-0224.html
49	http://www.debian.org/security/2015/dsa-3396
50	http://www.debian.org/security/2015/dsa-3396
51	http://www.openwall.com/lists/oss-security/2015/10/20/6
52	http://www.openwall.com/lists/oss-security/2015/10/20/6
53	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
54	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
55	http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
56	http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
57	http://www.securityfocus.com/bid/77544
58	http://www.securityfocus.com/bid/77544
59	http://www.securitytracker.com/id/1034472
60	http://www.securitytracker.com/id/1034472
61	http://www.ubuntu.com/usn/USN-2823-1
62	http://www.ubuntu.com/usn/USN-2823-1
63	http://www.ubuntu.com/usn/USN-2824-1
64	http://www.ubuntu.com/usn/USN-2824-1
65	http://www.ubuntu.com/usn/USN-2826-1
66	http://www.ubuntu.com/usn/USN-2826-1
67	http://www.ubuntu.com/usn/USN-2829-1
68	http://www.ubuntu.com/usn/USN-2829-1
69	http://www.ubuntu.com/usn/USN-2829-2
70	http://www.ubuntu.com/usn/USN-2829-2
71	http://www.ubuntu.com/usn/USN-2840-1
72	http://www.ubuntu.com/usn/USN-2840-1
73	http://www.ubuntu.com/usn/USN-2840-2
74	http://www.ubuntu.com/usn/USN-2840-2
75	http://www.ubuntu.com/usn/USN-2843-1
76	http://www.ubuntu.com/usn/USN-2843-1
77	http://www.ubuntu.com/usn/USN-2843-2
78	http://www.ubuntu.com/usn/USN-2843-2
79	http://www.ubuntu.com/usn/USN-2843-3
80	http://www.ubuntu.com/usn/USN-2843-3
81	https://bugzilla.redhat.com/show_bug.cgi?id=1272172
82	https://bugzilla.redhat.com/show_bug.cgi?id=1272172
83	https://bugzilla.redhat.com/show_bug.cgi?id=1272371
84	https://bugzilla.redhat.com/show_bug.cgi?id=1272371
85	https://github.com/torvalds/linux/commit/ce1fad2740c648a4340f6f6c391a8a83769d2e8c	Vendor Advisory
86	https://github.com/torvalds/linux/commit/ce1fad2740c648a4340f6f6c391a8a83769d2e8c	Vendor Advisory
87	https://github.com/torvalds/linux/commit/f05819df10d7b09f6d1eb6f8534a8f68e5a4fe61
88	https://github.com/torvalds/linux/commit/f05819df10d7b09f6d1eb6f8534a8f68e5a4fe61
89	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05068676
90	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05068676
91	https://source.android.com/security/bulletin/2016-12-01.html
92	https://source.android.com/security/bulletin/2016-12-01.html

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-20	不適切な入力確認	https://cwe.mitre.org/data/definitions/20.html

JVN Vulnerability Information

Linux Kernel の security/keys/gc.c の key_gc_unused_keys 関数におけるサービス運用妨害 (DoS) の脆弱性

Title	Linux Kernel の security/keys/gc.c の key_gc_unused_keys 関数におけるサービス運用妨害 (DoS) の脆弱性
Summary	Linux Kernel の security/keys/gc.c の key_gc_unused_keys 関数には、サービス運用妨害 (OOPS) 状態にされる脆弱性が存在します。
Possible impacts	ローカルユーザにより、巧妙に細工された keyctl コマンドを介して、サービス運用妨害 (OOPS) 状態にされる可能性があります。
Solution	ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。
Publication Date	Oct. 15, 2015, midnight
Registration Date	Nov. 17, 2015, 4:17 p.m.
Last Update	Nov. 17, 2015, 4:17 p.m.

Affected System

Linux

Linux Kernel 4.2.6 まで

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2015-7872	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7872
National Vulnerability Database (NVD)
2	CVE-2015-7872	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7872

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-20	https://jvndb.jvn.jp/ja/cwe/CWE-20.html

ベンダー情報

No	Name	URL
GitHub
1	KEYS: Fix crash when attempt to garbage collect an uninstantiated keyring	https://github.com/torvalds/linux/commit/f05819df10d7b09f6d1eb6f8534a8f68e5a4fe61
2	Merge branch 'keys-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs	https://github.com/torvalds/linux/commit/ce1fad2740c648a4340f6f6c391a8a83769d2e8c
Linux Kernel
3	Linux Kernel Archives	http://www.kernel.org
Linux kernel source tree
4	KEYS: Fix crash when attempt to garbage collect an uninstantiated keyring	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f05819df10d7b09f6d1eb6f8534a8f68e5a4fe61
5	Merge branch 'keys-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ce1fad2740c648a4340f6f6c391a8a83769d2e8c
Red Hat Bugzilla
6	Bug 1272172	https://bugzilla.redhat.com/show_bug.cgi?id=1272172
7	Bug 1272371	https://bugzilla.redhat.com/show_bug.cgi?id=1272371

Change Log

No	Changed Details	Date of change
0	[2015年11月17日] 掲載	Feb. 17, 2018, 10:37 a.m.