Privilege Escalation and Denial of Service Vulnerability in Linux Kernel's KEYS Subsystem

Privilege Escalation and Denial of Service Vulnerability in Linux Kernel's KEYS Subsystem

CVE-2015-8539 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

The KEYS subsystem in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service (BUG) via crafted keyctl commands that negatively instantiate a key, related to security/keys/encrypted-keys/encrypted.c, security/keys/trusted.c, and security/keys/user_defined.c.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.