You are here

Use after free vulnerability in Linux kernel keychain management

IDs: 
CVE-2016-0728
Keywords: 
keychain, use-after-free
Description: 

Linux version 3.8 or above is affected by a reference leak vulnerability in the keyring facility. A local attacker can escalate privileges from local to root via a use-after-free-attack [1].

Airlock WAF is not affected because the Linux kernel in CentOS 6 is not affected [2].

Resolution: 

no action required.

Component: 
Airlock
Airlock Vulnerability Status: 
Does not affect Airlock
Back-end Vulnerability Status: 
Does not affect back-end behind Airlock