CVE-2005-2098

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.12.5

Description: The issue is related to the KEYCTL JOIN SESSION KEYRING operation in the Linux kernel, which contains an error path that does not properly release the session management semaphore. This allows local users or remote attackers to cause a denial of service (semaphore hang) via a new session keyring under certain conditions, such as an empty name string, a long name string, when the key quota is reached, or when an ENOMEM error occurs.

Recommendations: For Linux kernel versions prior to 2.6.12.5, update to version 2.6.12.5 or later to resolve the issue.