| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2025022614-CVE-2022-49180-ac1e@gregkh> Date: Wed, 26 Feb 2025 02:56:25 +0100 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-cve-announce@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org> Subject: CVE-2022-49180: LSM: general protection fault in legacy_parse_param Description =========== In the Linux kernel, the following vulnerability has been resolved: LSM: general protection fault in legacy_parse_param The usual LSM hook "bail on fail" scheme doesn't work for cases where a security module may return an error code indicating that it does not recognize an input. In this particular case Smack sees a mount option that it recognizes, and returns 0. A call to a BPF hook follows, which returns -ENOPARAM, which confuses the caller because Smack has processed its data. The SELinux hook incorrectly returns 1 on success. There was a time when this was correct, however the current expectation is that it return 0 on success. This is repaired. The Linux kernel CVE team has assigned CVE-2022-49180 to this issue. Affected and fixed versions =========================== Fixed in 5.4.189 with commit ddcdda888e14ca451b3ee83d11b65b2a9c8e783b Fixed in 5.10.110 with commit 2784604c8c6fc523248f8f80a421c313a9d790b7 Fixed in 5.15.33 with commit f3f93a1aaafc3032e0a9655fb43deccfb3e953a3 Fixed in 5.16.19 with commit 00fc07fa0b4a004711b6e1a944f0d2e46f7093b7 Fixed in 5.17.2 with commit cadae7c5e477aaafcba819b8e4a3d1c1a1503b62 Fixed in 5.18 with commit ecff30575b5ad0eda149aadad247b7f75411fd47 Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2022-49180 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: security/security.c security/selinux/hooks.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/ddcdda888e14ca451b3ee83d11b65b2a9c8e783b https://git.kernel.org/stable/c/2784604c8c6fc523248f8f80a421c313a9d790b7 https://git.kernel.org/stable/c/f3f93a1aaafc3032e0a9655fb43deccfb3e953a3 https://git.kernel.org/stable/c/00fc07fa0b4a004711b6e1a944f0d2e46f7093b7 https://git.kernel.org/stable/c/cadae7c5e477aaafcba819b8e4a3d1c1a1503b62 https://git.kernel.org/stable/c/ecff30575b5ad0eda149aadad247b7f75411fd47
Powered by blists - more mailing lists