joel16/android_kernel_sony_msm8994_rework
1
0
Fork 0
mirror of https://github.com/joel16/android_kernel_sony_msm8994_rework.git synced 2024-11-23 11:59:58 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
186947a654
android_kernel_sony_msm8994.../security
History
Ben Hutchings b765ecd025
keys: Guard against null match function in keyring_search_aux() 
The "dead" key type has no match operation, and a search for keys of
this type can cause a null dereference in keyring_search_aux().
keyring_search() has a check for this, but request_keyring_and_link()
does not.  Move the check into keyring_search_aux(), covering both of
them.

This was fixed upstream by commit c06cfb08b88d ("KEYS: Remove
key_type::match in favour of overriding default by match_preparse"),
part of a series of large changes that are not suitable for
backporting.

CVE-2017-2647 / CVE-2017-6951

Change-Id: If0d61b4621ee5407d9973e183ffebbac551f3713
Reported-by: Igor Redko <redkoi@virtuozzo.com>
Reported-by: Andrey Ryabinin <aryabinin@virtuozzo.com>
References: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2647
Reported-by: idl3r <idler1984@gmail.com>
References: https://www.spinics.net/lists/keyrings/msg01845.html
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Cc: David Howells <dhowells@redhat.com>
2017-09-16 23:27:49 +02:00
..
apparmor sched: move no_new_privs into new atomic flags 2015-08-12 16:57:15 -07:00
integrity evm: check xattr value length and type in evm_inode_setxattr() 2014-11-14 08:47:54 -08:00
keys keys: Guard against null match function in keyring_search_aux() 2017-09-16 23:27:49 +02:00
selinux BACKPORT: UPSTREAM: selinux: fix off-by-one in setprocattr 2017-09-02 18:04:09 +02:00
smack Smack: include magic.h in smackfs.c 2013-04-03 13:13:51 +11:00
tomoyo Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2013-05-01 17:51:54 -07:00
yama yama: Better permission check for ptraceme 2013-03-26 13:17:58 -07:00
capability.c Revert "binder: reconcile with aosp" 2017-01-14 17:24:51 +01:00
commoncap.c This is the 3.10.84 stable release 2015-08-13 14:38:09 -07:00
device_cgroup.c devcg: remove parent_cgroup. 2013-04-18 11:34:35 -07:00
inode.c securityfs: fix object creation races 2012-01-10 10:20:35 -05:00
Kconfig FROMLIST: security,perf: Allow further restriction of perf_event_open 2017-01-11 22:34:44 +01:00
lsm_audit.c security: add ioctl specific auditing to lsm_audit 2017-01-11 22:57:26 +01:00
Makefile Remove Sony security stuff 2017-01-11 22:31:44 +01:00
min_addr.c
security.c Revert "binder: reconcile with aosp" 2017-01-14 17:24:51 +01:00