crypto/pcrypt.c in the Linux kernel before 4.14.13 mishandles freeing instances, allowing a local user able to access the AF_ALG-based AEAD interface (CONFIG_CRYPTO_USER_API_AEAD) and pcrypt (CONFIG_CRYPTO_PCRYPT) to cause a denial of service (kfree of an incorrect pointer) or possibly have unspecified other impact by executing a crafted sequence of system calls.
The product attempts to return a memory resource to the system, but it calls the wrong release function or calls the appropriate release function incorrectly.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Linux_kernel | Linux | 4.2 (including) | 4.4.111 (excluding) |
Linux_kernel | Linux | 4.5 (including) | 4.9.76 (excluding) |
Linux_kernel | Linux | 4.10 (including) | 4.14.13 (excluding) |
Red Hat Enterprise Linux 7 | RedHat | kernel-alt-0:4.14.0-115.el7a | * |
Linux | Ubuntu | artful | * |
Linux | Ubuntu | upstream | * |
Linux | Ubuntu | xenial | * |
Linux-armadaxp | Ubuntu | upstream | * |
Linux-aws | Ubuntu | trusty | * |
Linux-aws | Ubuntu | upstream | * |
Linux-aws | Ubuntu | xenial | * |
Linux-azure | Ubuntu | upstream | * |
Linux-azure | Ubuntu | xenial | * |
Linux-azure-edge | Ubuntu | upstream | * |
Linux-euclid | Ubuntu | esm-apps/xenial | * |
Linux-euclid | Ubuntu | upstream | * |
Linux-euclid | Ubuntu | xenial | * |
Linux-flo | Ubuntu | esm-apps/xenial | * |
Linux-flo | Ubuntu | trusty | * |
Linux-flo | Ubuntu | upstream | * |
Linux-flo | Ubuntu | xenial | * |
Linux-gcp | Ubuntu | upstream | * |
Linux-gcp | Ubuntu | xenial | * |
Linux-gke | Ubuntu | upstream | * |
Linux-gke | Ubuntu | xenial | * |
Linux-goldfish | Ubuntu | trusty | * |
Linux-goldfish | Ubuntu | upstream | * |
Linux-grouper | Ubuntu | trusty | * |
Linux-grouper | Ubuntu | upstream | * |
Linux-hwe | Ubuntu | upstream | * |
Linux-hwe | Ubuntu | xenial | * |
Linux-hwe-edge | Ubuntu | upstream | * |
Linux-hwe-edge | Ubuntu | xenial | * |
Linux-kvm | Ubuntu | upstream | * |
Linux-kvm | Ubuntu | xenial | * |
Linux-linaro-omap | Ubuntu | upstream | * |
Linux-linaro-shared | Ubuntu | upstream | * |
Linux-linaro-vexpress | Ubuntu | upstream | * |
Linux-lts-quantal | Ubuntu | precise/esm | * |
Linux-lts-quantal | Ubuntu | upstream | * |
Linux-lts-raring | Ubuntu | precise/esm | * |
Linux-lts-raring | Ubuntu | upstream | * |
Linux-lts-saucy | Ubuntu | precise/esm | * |
Linux-lts-saucy | Ubuntu | upstream | * |
Linux-lts-trusty | Ubuntu | upstream | * |
Linux-lts-utopic | Ubuntu | trusty | * |
Linux-lts-utopic | Ubuntu | upstream | * |
Linux-lts-vivid | Ubuntu | trusty | * |
Linux-lts-vivid | Ubuntu | trusty/esm | * |
Linux-lts-vivid | Ubuntu | upstream | * |
Linux-lts-wily | Ubuntu | trusty | * |
Linux-lts-wily | Ubuntu | upstream | * |
Linux-lts-xenial | Ubuntu | trusty | * |
Linux-lts-xenial | Ubuntu | upstream | * |
Linux-maguro | Ubuntu | trusty | * |
Linux-maguro | Ubuntu | upstream | * |
Linux-mako | Ubuntu | esm-apps/xenial | * |
Linux-mako | Ubuntu | trusty | * |
Linux-mako | Ubuntu | upstream | * |
Linux-mako | Ubuntu | xenial | * |
Linux-manta | Ubuntu | trusty | * |
Linux-manta | Ubuntu | upstream | * |
Linux-oem | Ubuntu | upstream | * |
Linux-oem | Ubuntu | xenial | * |
Linux-qcm-msm | Ubuntu | upstream | * |
Linux-raspi2 | Ubuntu | artful | * |
Linux-raspi2 | Ubuntu | upstream | * |
Linux-raspi2 | Ubuntu | xenial | * |
Linux-snapdragon | Ubuntu | artful | * |
Linux-snapdragon | Ubuntu | upstream | * |
Linux-snapdragon | Ubuntu | xenial | * |
Linux-ti-omap4 | Ubuntu | upstream | * |
This weakness can take several forms, such as: