** Description changed: - [keys: incorrect termination condition in assoc array garbage - collection] + The assoc_array_gc function in the associative-array implementation in + lib/assoc_array.c in the Linux kernel before 3.16.3 does not properly + implement garbage collection, which allows local users to cause a denial + of service (NULL pointer dereference and system crash) or possibly have + unspecified other impact via multiple "keyctl newring" operations + followed by a "keyctl timeout" operation. Break-Fix: b2a4df200d570b2c33a57e1ebfa5896e4bc81b69 95389b08d93d5c06ec63ab49bd732b0069b7c35e
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1370041 Title: CVE-2014-3631 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1370041/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
