The vulnerability, CVE-2016-0728, lives in the keyring facility built into the various flavors of Linux. The keyring encrypts and stores login information, encryption keys and certificates, and makes them available to applications. In a report published by Perception Point, researchers said the vulnerability is a reference leak that can be abused to ultimately execute code in the Linux kernel.
