Since 042stab120.19:

• A flaw was discovered in the Linux kernel's key subsystem. Invoking the request_key() system call with a specially crafted set of arguments could result in a NULL-pointer dereference inside the search_keyring() function. A local unprivileged user could use this vulnerability to crash the system. The vulnerability could be exploited from inside containers. (CVE-2017-2647, Important)

See alsoEdit

• https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2647