Elevation of privilege vulnerability in kernel security subsystem

CVE numbers: CVE-2014-9529 [Bulletin-CVE-2014-9529]
Coordinated disclosure?: unknown
Categories: Elevation of privilege vulnerability in kernel security subsystem
Details: Race condition in the key_gc_unused_keys function in security/keys/gc.c in the Linux kernel through 3.18.2 allows local users to cause a denial of service (memory corruption or panic) or possibly have unspecified other impact via keyctl commands that trigger access to a key structure member during garbage collection of a key. [NIST-CVE-2014-9529]
Discovered by: on: Unknown
Reported on: 2016-09-01 [Bulletin-CVE-2014-9529]
Fixed on: 2014-12-29 [Upstream kernel]
Fix released on: Unknown
Affected versions: regex:
Affected devices:
Affected manufacturers: all [Bulletin-CVE-2014-9529]
Fixed versions:
Submission: by: Daniel Carter, on: 2019-07-29

CVE numbers: CVE-2016-4470 [Bulletin-CVE-2016-4470]
Coordinated disclosure?: unknown
Categories: Elevation of privilege vulnerability in kernel security subsystem
Details: The key_reject_and_link function in security/keys/key.c in the Linux kernel through 4.6.3 does not ensure that a certain data structure is initialized, which allows local users to cause a denial of service (system crash) via vectors involving a crafted keyctl request2 command. [NIST-CVE-2016-4470]
Discovered by: on: Unknown
Reported on: 2016-09-01 [Bulletin-CVE-2016-4470]
Fixed on: 2016-06-16 [Upstream kernel]
Fix released on: Unknown
Affected versions: regex:
Affected devices:
Affected manufacturers: all [Bulletin-CVE-2016-4470]
Fixed versions:
Submission: by: Daniel Carter, on: 2019-07-29

AndroidVulnerabilities.org