Launchpad.net

CVE 2015-7550

The keyctl_read_key function in security/keys/keyctl.c in the Linux kernel before 4.3.4 does not properly use a semaphore, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted application that leverages a race condition between keyctl_revoke and keyctl_read calls.

Related bugs and status

CVE-2015-7550 (Candidate) is related to these bugs:

Bug #1530400: CVE-2015-7550

		In	Importance	Status
1530400	CVE-2015-7550	linux (Ubuntu)	Medium	Fix Released
1530400	CVE-2015-7550	linux-fsl-imx51 (Ubuntu)	Medium	Invalid
1530400	CVE-2015-7550	linux-mvl-dove (Ubuntu)	Undecided	New
1530400	CVE-2015-7550	linux-lts-backport-maverick (Ubuntu)	Undecided	New
1530400	CVE-2015-7550	linux-lts-backport-natty (Ubuntu)	Undecided	New
1530400	CVE-2015-7550	linux-ti-omap4 (Ubuntu)	Medium	Invalid
1530400	CVE-2015-7550	linux-ec2 (Ubuntu)	Undecided	New
1530400	CVE-2015-7550	linux (Ubuntu Xenial)	Medium	Fix Committed
1530400	CVE-2015-7550	linux-ec2 (Ubuntu Xenial)	Undecided	New
1530400	CVE-2015-7550	linux-fsl-imx51 (Ubuntu Xenial)	Medium	Invalid
1530400	CVE-2015-7550	linux-lts-backport-maverick (Ubuntu Xenial)	Undecided	New
1530400	CVE-2015-7550	linux-lts-backport-natty (Ubuntu Xenial)	Undecided	New
1530400	CVE-2015-7550	linux-mvl-dove (Ubuntu Xenial)	Undecided	New
1530400	CVE-2015-7550	linux-ti-omap4 (Ubuntu Xenial)	Medium	Invalid
1530400	CVE-2015-7550	linux (Ubuntu Wily)	Medium	Fix Released
1530400	CVE-2015-7550	linux-ec2 (Ubuntu Wily)	Undecided	New
1530400	CVE-2015-7550	linux-fsl-imx51 (Ubuntu Wily)	Medium	Invalid
1530400	CVE-2015-7550	linux-lts-backport-maverick (Ubuntu Wily)	Undecided	New
1530400	CVE-2015-7550	linux-lts-backport-natty (Ubuntu Wily)	Undecided	New
1530400	CVE-2015-7550	linux-mvl-dove (Ubuntu Wily)	Undecided	New
1530400	CVE-2015-7550	linux-ti-omap4 (Ubuntu Wily)	Medium	Invalid
1530400	CVE-2015-7550	linux (Ubuntu Vivid)	Medium	Won't Fix
1530400	CVE-2015-7550	linux-ec2 (Ubuntu Vivid)	Undecided	New
1530400	CVE-2015-7550	linux-fsl-imx51 (Ubuntu Vivid)	Medium	Invalid
1530400	CVE-2015-7550	linux-lts-backport-maverick (Ubuntu Vivid)	Undecided	New
1530400	CVE-2015-7550	linux-lts-backport-natty (Ubuntu Vivid)	Undecided	New
1530400	CVE-2015-7550	linux-mvl-dove (Ubuntu Vivid)	Undecided	New
1530400	CVE-2015-7550	linux-ti-omap4 (Ubuntu Vivid)	Medium	Invalid
1530400	CVE-2015-7550	linux (Ubuntu Trusty)	Medium	Fix Released
1530400	CVE-2015-7550	linux-ec2 (Ubuntu Trusty)	Undecided	New
1530400	CVE-2015-7550	linux-fsl-imx51 (Ubuntu Trusty)	Medium	Invalid
1530400	CVE-2015-7550	linux-lts-backport-maverick (Ubuntu Trusty)	Undecided	New
1530400	CVE-2015-7550	linux-lts-backport-natty (Ubuntu Trusty)	Undecided	New
1530400	CVE-2015-7550	linux-mvl-dove (Ubuntu Trusty)	Undecided	New
1530400	CVE-2015-7550	linux-ti-omap4 (Ubuntu Trusty)	Medium	Invalid
1530400	CVE-2015-7550	linux (Ubuntu Precise)	Medium	Fix Released
1530400	CVE-2015-7550	linux-ec2 (Ubuntu Precise)	Undecided	Won't Fix
1530400	CVE-2015-7550	linux-fsl-imx51 (Ubuntu Precise)	Medium	Invalid
1530400	CVE-2015-7550	linux-lts-backport-maverick (Ubuntu Precise)	Undecided	Won't Fix
1530400	CVE-2015-7550	linux-lts-backport-natty (Ubuntu Precise)	Undecided	Won't Fix
1530400	CVE-2015-7550	linux-mvl-dove (Ubuntu Precise)	Undecided	Won't Fix
1530400	CVE-2015-7550	linux-ti-omap4 (Ubuntu Precise)	Medium	Fix Released
1530400	CVE-2015-7550	linux-lts-trusty (Ubuntu)	Medium	Invalid
1530400	CVE-2015-7550	linux-lts-trusty (Ubuntu Precise)	Medium	Fix Released
1530400	CVE-2015-7550	linux-lts-trusty (Ubuntu Trusty)	Medium	Invalid
1530400	CVE-2015-7550	linux-lts-trusty (Ubuntu Vivid)	Medium	Invalid
1530400	CVE-2015-7550	linux-lts-trusty (Ubuntu Wily)	Medium	Invalid
1530400	CVE-2015-7550	linux-lts-trusty (Ubuntu Xenial)	Medium	Invalid
1530400	CVE-2015-7550	linux-armadaxp (Ubuntu)	Medium	Invalid
1530400	CVE-2015-7550	linux-armadaxp (Ubuntu Precise)	Medium	Fix Released

Bug #1540538: linux: 3.2.0-99.139 -proposed tracker

		In	Importance	Status
1540538	linux: 3.2.0-99.139 -proposed tracker	linux (Ubuntu)	Medium	Invalid
1540538	linux: 3.2.0-99.139 -proposed tracker	linux (Ubuntu Precise)	Medium	Fix Released
1540538	linux: 3.2.0-99.139 -proposed tracker	Kernel SRU Workflow	Medium	Fix Released
1540538	linux: 3.2.0-99.139 -proposed tracker	Kernel SRU Workflow automated-testing	Medium	Fix Released
1540538	linux: 3.2.0-99.139 -proposed tracker	Kernel SRU Workflow certification-testing	Medium	Invalid
1540538	linux: 3.2.0-99.139 -proposed tracker	Kernel SRU Workflow prepare-package	Medium	Fix Released
1540538	linux: 3.2.0-99.139 -proposed tracker	Kernel SRU Workflow prepare-package-lbm	Medium	Fix Released
1540538	linux: 3.2.0-99.139 -proposed tracker	Kernel SRU Workflow prepare-package-meta	Medium	Fix Released
1540538	linux: 3.2.0-99.139 -proposed tracker	Kernel SRU Workflow promote-to-proposed	Medium	Fix Released
1540538	linux: 3.2.0-99.139 -proposed tracker	Kernel SRU Workflow promote-to-security	Medium	Fix Released
1540538	linux: 3.2.0-99.139 -proposed tracker	Kernel SRU Workflow promote-to-updates	Medium	Fix Released
1540538	linux: 3.2.0-99.139 -proposed tracker	Kernel SRU Workflow regression-testing	Medium	Fix Released
1540538	linux: 3.2.0-99.139 -proposed tracker	Kernel SRU Workflow security-signoff	Medium	Fix Released
1540538	linux: 3.2.0-99.139 -proposed tracker	Kernel SRU Workflow verification-testing	Medium	Fix Released

Bug #1540559: linux: 3.13.0-78.122 -proposed tracker

		In	Importance	Status
1540559	linux: 3.13.0-78.122 -proposed tracker	linux (Ubuntu)	Medium	Invalid
1540559	linux: 3.13.0-78.122 -proposed tracker	linux (Ubuntu Trusty)	Medium	Fix Released
1540559	linux: 3.13.0-78.122 -proposed tracker	Kernel SRU Workflow	Medium	Fix Released
1540559	linux: 3.13.0-78.122 -proposed tracker	Kernel SRU Workflow automated-testing	Medium	Fix Released
1540559	linux: 3.13.0-78.122 -proposed tracker	Kernel SRU Workflow certification-testing	Medium	Fix Released
1540559	linux: 3.13.0-78.122 -proposed tracker	Kernel SRU Workflow prepare-package	Medium	Fix Released
1540559	linux: 3.13.0-78.122 -proposed tracker	Kernel SRU Workflow prepare-package-meta	Medium	Fix Released
1540559	linux: 3.13.0-78.122 -proposed tracker	Kernel SRU Workflow prepare-package-signed	Medium	Fix Released
1540559	linux: 3.13.0-78.122 -proposed tracker	Kernel SRU Workflow promote-to-proposed	Medium	Fix Released
1540559	linux: 3.13.0-78.122 -proposed tracker	Kernel SRU Workflow promote-to-security	Medium	Fix Released
1540559	linux: 3.13.0-78.122 -proposed tracker	Kernel SRU Workflow promote-to-updates	Medium	Fix Released
1540559	linux: 3.13.0-78.122 -proposed tracker	Kernel SRU Workflow regression-testing	Medium	Fix Released
1540559	linux: 3.13.0-78.122 -proposed tracker	Kernel SRU Workflow security-signoff	Medium	Fix Released
1540559	linux: 3.13.0-78.122 -proposed tracker	Kernel SRU Workflow verification-testing	Medium	Fix Released

Bug #1744226: test_too_early_vsyscall from ubuntu_qrt_kernel_panic crashes Trusty 3.13.0-140 amd64 system

Summary				In	Importance	Status
	1744226	test_too_early_vsyscall from ubuntu_qrt_kernel_panic crashes Trusty 3.13.0-140 amd64 system		linux (Ubuntu)	Undecided	Invalid
	1744226	test_too_early_vsyscall from ubuntu_qrt_kernel_panic crashes Trusty 3.13.0-140 amd64 system		linux (Ubuntu Trusty)	Medium	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2015-7550

Related bugs and status

Related bugs

References