cve/2016/CVE-2016-9313.md

CVE-2016-9313

Description

security/keys/big_key.c in the Linux kernel before 4.8.7 mishandles unsuccessful crypto registration in conjunction with successful key-type registration, which allows local users to cause a denial of service (NULL pointer dereference and panic) or possibly have unspecified other impact via a crafted application that uses the big_key data type.

POC

Reference

• http://www.openwall.com/lists/oss-security/2016/07/22/1

Github

No PoCs found on GitHub currently.