High severity7.8NVD Advisory· Published Sep 8, 2010· Updated Apr 29, 2026
CVE-2010-2960
CVE-2010-2960
Description
The keyctl_session_to_parent function in security/keys/keyctl.c in the Linux kernel 2.6.35.4 and earlier expects that a certain parent session keyring exists, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a KEYCTL_SESSION_TO_PARENT argument to the keyctl function.
Affected products
9cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*+ 5 more
- cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_desktop:11:sp1:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp1:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
11- bugzilla.redhat.com/show_bug.cginvdExploitIssue TrackingPatchThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2010-10/msg00003.htmlnvdMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.htmlnvdMailing ListThird Party Advisory
- securitytracker.com/idnvdThird Party AdvisoryVDB Entry
- twitter.com/taviso/statuses/22777866582nvdThird Party Advisory
- www.openwall.com/lists/oss-security/2010/09/02/1nvdMailing ListThird Party Advisory
- www.securityfocus.com/bid/42932nvdThird Party AdvisoryVDB Entry
- www.ubuntu.com/usn/USN-1000-1nvdThird Party Advisory
- exchange.xforce.ibmcloud.com/vulnerabilities/61557nvdThird Party AdvisoryVDB Entry
- secunia.com/advisories/41263nvdBroken Link
- www.vupen.com/english/advisories/2011/0298nvdBroken Link
News mentions
0No linked articles in our index yet.