Message-ID: <149261808405.26905.7179378560845164438.stgit@warthog.procyon.org.uk>
Date: Wed, 19 Apr 2017 17:08:04 +0100
From: David Howells <dhowells@...hat.com>
To: jmorris@...ei.org
Cc: dhowells@...hat.com, keyrings@...r.kernel.org,
torvalds@...ux-foundation.org, linux-kernel@...r.kernel.org,
linux-kernel-modules@...r.kernel.org
Subject: [PATCH 0/3] KEYS: Fixes

Hi James,

Can you pass these patches onto Linus, please?

 (1) Disallow keyrings whose name begins with a '.' to be joined
     [CVE-2016-9604].

 (2) Change the name of the dead type to ".dead" to prevent user access
     [CVE-2017-6951].

 (3) Fix keyctl_set_reqkey_keyring() to not leak thread keyrings
     [CVE-2017-7472].

The patches can be found here also:

	http://git.kernel.org/cgit/linux/kernel/git/dhowells/linux-fs.git/log/?h=keys-fixes

Tagged thusly:

	git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git
	keys-fixes-20170419

David
---
David Howells (2):
      KEYS: Disallow keyrings beginning with '.' to be joined as session keyrings
      KEYS: Change the name of the dead type to ".dead" to prevent user access

Eric Biggers (1):
      KEYS: fix keyctl_set_reqkey_keyring() to not leak thread keyrings

 security/keys/gc.c           |  2 +-
 security/keys/keyctl.c       | 20 +++++++++++--------
 security/keys/process_keys.c | 44 ++++++++++++++++++++++++++----------------
 3 files changed, 39 insertions(+), 27 deletions(-)