Medium severity5.5NVD Advisory· Published Feb 8, 2016· Updated May 6, 2026
CVE-2015-7550
CVE-2015-7550
Description
The keyctl_read_key function in security/keys/keyctl.c in the Linux kernel before 4.3.4 does not properly use a semaphore, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted application that leverages a race condition between keyctl_revoke and keyctl_read calls.
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
16- git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/nvdVendor Advisory
- www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.3.4nvdVendor Advisory
- lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.htmlnvd
- www.debian.org/security/2016/dsa-3434nvd
- www.securityfocus.com/bid/79903nvd
- www.ubuntu.com/usn/USN-2888-1nvd
- www.ubuntu.com/usn/USN-2890-1nvd
- www.ubuntu.com/usn/USN-2890-2nvd
- www.ubuntu.com/usn/USN-2890-3nvd
- www.ubuntu.com/usn/USN-2911-1nvd
- www.ubuntu.com/usn/USN-2911-2nvd
- bugzilla.redhat.com/show_bug.cginvd
- github.com/torvalds/linux/commit/b4a1b4f5047e4f54e194681125c74c0aa64d637dnvd
- security-tracker.debian.org/tracker/CVE-2015-7550nvd
News mentions
0No linked articles in our index yet.