A flaw was found in the Linux kernel before 4.13.5, a local user could create keyrings for other users via keyctl commands. This may allow to set unwanted defaults or cause a denial of service. References: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.13.5 Upstream patch: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=237bbd29f7a049d310d907f4b2716a7feef9abf3 https://github.com/torvalds/linux/commit/237bbd29f7a049d310d907f4b2716a7feef9abf3
*** Bug 1856774 has been marked as a duplicate of this bug. ***
Acknowledgments: Name: Eric Biggers (Google)
Statement: The impact is Moderate, because the impact is only for userspace programs if using keyctl incorrectly. For root-level processes (usually during boot) keyctl being used securely without possibility of leaking keys between users.
External References: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=237bbd29f7a049d310d907f4b2716a7feef9abf3 http://kernsec.org/pipermail/linux-security-module-archive/2017-September/003318.html