View at Official suse advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2016-0728 severity important: SUSE including 148 source package names (kernel-3.10.0-327.4.5.el7, kernel-abi-whitelists-3.10.0-327.4.5.el7, …), 369 product×package rows across 59 product lines (SLES for SAP Applications 11 SP2, SLES for SAP Applications 11 SP3, … (59 product lines)): Fixed 206, Known Not Affected 163.
The join_session_keyring function in security/keys/process_keys.c in the Linux kernel before 4.4.1 mishandles object references in a certain error case, which allows local users to gain privileges or cause a denial of service (integer overflow and use-after-free) via crafted keyctl commands.