Linux Kernel Local DoS and Security Bypass Issues

Filed under
Security

Rated as : Low Risk

Multiple vulnerabilities were identified in Linux Kernel, which could be exploited by local attackers to cause a denial of service or bypass certain security restrictions.

The first issue is due to a memory leak error in "/security/keys/request_key_auth.c", which could be exploited by malicious users to cause a denial of service.

The second vulnerability is due to a memory leak error in "/fs/namei.c" when the CONFIG_AUDITSYSCALL option is enabled, which could be exploited by malicious users to cause a denial of service.

The third flaw is due to an error in the file "drivers/char/drm/drm_stub.c" that does not properly validate "debug" sysfs permissions, which could be exploited by local attackers to bypass certain security restrictions and enable drm debugging.

Full Details.