| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2024052155-CVE-2021-47285-4fee@gregkh> Date: Tue, 21 May 2024 16:20:39 +0200 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-cve-announce@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org> Subject: CVE-2021-47285: net/nfc/rawsock.c: fix a permission check bug Description =========== In the Linux kernel, the following vulnerability has been resolved: net/nfc/rawsock.c: fix a permission check bug The function rawsock_create() calls a privileged function sk_alloc(), which requires a ns-aware check to check net->user_ns, i.e., ns_capable(). However, the original code checks the init_user_ns using capable(). So we replace the capable() with ns_capable(). The Linux kernel CVE team has assigned CVE-2021-47285 to this issue. Affected and fixed versions =========================== Fixed in 4.4.273 with commit c08e0be44759 Fixed in 4.9.273 with commit d6a21a3fb033 Fixed in 4.14.237 with commit 38cb2e23188a Fixed in 4.19.195 with commit ec72482564ff Fixed in 5.4.126 with commit f3ed12af6bbb Fixed in 5.10.44 with commit 1e5cab50208c Fixed in 5.12.11 with commit 90d0a3c76965 Fixed in 5.13 with commit 8ab78863e9ef Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2021-47285 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: net/nfc/rawsock.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/c08e0be44759d0b5affc5888be4aa5e536873335 https://git.kernel.org/stable/c/d6a21a3fb03300fbaa9fc3ed99f8b0962ce28362 https://git.kernel.org/stable/c/38cb2e23188af29c43966acee9dbb18b62e26cfe https://git.kernel.org/stable/c/ec72482564ff99c6832d33610d9f8ab7ecc81b6d https://git.kernel.org/stable/c/f3ed12af6bbbaf79eddb0ae14656b8ecacea74f0 https://git.kernel.org/stable/c/1e5cab50208c8fb7351b798cb1d569debfeb994a https://git.kernel.org/stable/c/90d0a3c76965d7a10fc87c07be3e9714e2130d5c https://git.kernel.org/stable/c/8ab78863e9eff11910e1ac8bcf478060c29b379e
Powered by blists - more mailing lists