| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 15 Nov 2006 17:01:46 +0100 From: Adrian Bunk <bunk@...sta.de> To: Chris Wright <chrisw@...s-sol.org>, Michael Halcrow <mhalcrow@...ibm.com> Cc: linux-kernel@...r.kernel.org, stable@...nel.org Subject: [2.6.16/18 patch] security/seclvl.c: fix time wrap (CVE-2005-4352) initlvl=2 in seclvl gives the guarantee "Cannot decrement the system time". But it was possible to set the time to the maximum unixtime value (19 Jan 2038) resulting in a wrap to the minimum value. This patch fixes this by disallowing setting the time to any date after 2031 with initlvl=2. This patch does not apply to kernel 2.6.19 since the seclvl module was already removed in this kernel. Signed-off-by: Adrian Bunk <bunk@...sta.de> --- linux-2.6.16.32/security/seclvl.c.old 2006-11-15 13:58:05.000000000 +0100 +++ linux-2.6.16.32/security/seclvl.c 2006-11-15 16:41:51.000000000 +0100 @@ -381,6 +381,8 @@ static int seclvl_settime(struct timespe current->group_leader->pid); return -EPERM; } /* if attempt to decrement time */ + if (tv->tv_sec > 1924988400) /* disallow dates after 2030) */ + return -EPERM; /* CVE-2005-4352 */ } /* if seclvl > 1 */ return 0; } - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists