The keyring_search_aux function in security/keys/keyring.c in the Linux kernel through 3.14.79 allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a request_key system call for the "dead" type. It was discovered that the keyring implementation in the Linux kernel did not properly restrict searches for dead keys. A local attacker could use this to cause a denial of service (system crash).