Ubuntu Security Notice 2872-3 - Yevgeny Pats discovered that the session keyring implementation in the Linux kernel did not properly reference count when joining an existing session keyring. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges.
9b6da8e055e2f01caa06a1153d87be5e9162f671ab52a39caf3ef14ebea7802e