CVEs-PoC/2009/CVE-2009-3624.md

CVE-2009-3624

Description

The get_instantiation_keyring function in security/keys/keyctl.c in the KEYS subsystem in the Linux kernel before 2.6.32-rc5 does not properly maintain the reference count of a keyring, which allows local users to gain privileges or cause a denial of service (OOPS) via vectors involving calls to this function without specifying a keyring by ID, as demonstrated by a series of keyctl request2 and keyctl list commands.

POC

Reference

• http://twitter.com/spendergrsec/statuses/4916661870

Github

No PoCs found on GitHub currently.