The KEYS subsystem in the Linux kernel through 4.13.7 mishandles use of add_key for a key that already exists but is uninstantiated, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted system call.
3.13.0-161.2114.4.0-1003.34.4.0-101.124~14.04.14.4.0-101.1244.4.0-1041.504.13.0-1005.74.13.0-1002.54.4.0-1034.344.13.0-32.35~16.04.14.4.0-1010.15Exploitability
AV:LAC:LPR:LUI:NScope
S:UImpact
C:NI:NA:HCVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H