A flaw was found in the Linux kernel before 4.13.5, a local user could create keyrings for other users via keyctl commands. This may allow to set unwanted defaults or cause a denial of service.
*** Bug 1856774 has been marked as a duplicate of this bug. ***
Name: Eric Biggers (Google)
The impact is Moderate, because the impact is only for userspace programs if using keyctl incorrectly. For root-level processes (usually during boot) keyctl being used securely without possibility of leaking keys between users.