CVE-2006-0457

Name of the Vulnerable Software and Affected Versions Linux kernel version 2.6.x

Description A race condition exists in the Linux kernel, specifically in the add key, request key, and keyctl functions, allowing local users to potentially cause a denial of service (crash) or read sensitive kernel memory. This issue arises when the length of a string argument is modified between the time the kernel calculates the length and the time it copies the data into kernel memory.

Recommendations For Linux kernel version 2.6.x, consider applying a patch that fixes the race condition in the add key, request key, and keyctl functions to prevent potential denial of service or sensitive kernel memory exposure.