Description: Null pointer dereference in search_keyring
References:
Notes:
 carnil> Same fix as for CVE-2017-6951. But CVE-2017-6951 is for a NULL
 carnil> pointer dereference in th keyring_search_aux when type is "dead".
 carnil> CVE-2017-2647 is for a null pointer dereference in
 carnil> keyring_search_iterator
 bwh> The function that dereferences the null pointer depends on kernel
 bwh> version.  keyring_search_aux() was refactored after 3.2 so that
 bwh> part of it its logic is in keyring_search_iterator(), and that's
 bwh> where the null dereference is done.  But the issue is
 bwh> fundamentally the same.
Bugs:
upstream: released (3.18-rc1) [c06cfb08b88dfbe13be44a69ae2fdc3a7c902d81]
4.9-upstream-stable: N/A "Fixed before branch point"
3.16-upstream-stable: released (3.16.43) [c53ee259ad3da891e191dee7af119af340f9c01b]
3.2-upstream-stable: released (3.2.88) [e2b41f761b086da2ec43b1cfea14ca0681cd08b0]
sid: released (4.0.2-1)
3.16-jessie-security: released (3.16.43-1)
3.2-wheezy-security: released (3.2.88-1)