** Description changed: - A flaw was found in the way the Linux kernel's key management facility - handled replacement session keyrings on process forks. A local, - unprivileged user could use this flaw to cause a denial of service. + The copy_creds function in kernel/cred.c in the Linux kernel before + 3.3.2 provides an invalid replacement session keyring to a child + process, which allows local users to cause a denial of service (panic) + via a crafted application that uses the fork system call. Break-Fix: ee18d64c1f632043a02e6f5ba5e045bb26a5465f 79549c6dfda0603dba9a70a53467ce62d9335c33
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1023535 Title: CVE-2012-2745 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1023535/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
