| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 5 Jun 2018 06:00:47 +0400 From: Ilya Matveychikov <matvejchikov@...il.com> To: linux-kernel@...r.kernel.org Subject: [PATCH] ksys_mount: check for permissions before resource allocation Early check for mount permissions prevents possible allocation of 3 pages from kmalloc() pool by unpriveledged user which can be used for spraying the kernel heap. Signed-off-by: Ilya V. Matveychikov <matvejchikov@...il.com> --- fs/namespace.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/fs/namespace.c b/fs/namespace.c index 5f75969adff1..1ef8feb2de2a 100644 --- a/fs/namespace.c +++ b/fs/namespace.c @@ -3046,6 +3046,9 @@ int ksys_mount(char __user *dev_name, char __user *dir_name, char __user *type, char *kernel_dev; void *options; + if (!may_mount()) + return -EPERM; + kernel_type = copy_mount_string(type); ret = PTR_ERR(kernel_type); if (IS_ERR(kernel_type)) -- 2.17.0
Powered by blists - more mailing lists