lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date:   Sun, 5 May 2019 03:18:46 +0100
From:   Al Viro <>
To:     Linus Torvalds <>
Subject: [git pull] vfs.git fixes

	A couple of ->i_link use-after-free fixes, regression fix for
wrong errno on absent device name in mount(2) (this cycle stuff) +
ancient UFS braino in large GID handling on Solaris UFS images (bogus
cut'n'paste from large UID handling; wrong field checked to decide
whether we should look at old (16bit) or new (32bit) field).

The following changes since commit 6af1c849dfb1f1d326fbdd157c9bc882b921f450:

  aio: use kmem_cache_free() instead of kfree() (2019-04-04 20:13:59 -0400)

are available in the git repository at:

  git:// fixes

for you to fetch changes up to 4e9036042fedaffcd868d7f7aa948756c48c637d:

  ufs: fix braino in ufs_get_inode_gid() for solaris UFS flavour (2019-05-02 02:24:50 -0400)

Al Viro (4):
      securityfs: fix use-after-free on symlink traversal
      apparmorfs: fix use-after-free on symlink traversal
      [fix] get rid of checking for absent device name in vfs_get_tree()
      ufs: fix braino in ufs_get_inode_gid() for solaris UFS flavour

Alexander Lochmann (1):
      Abort file_remove_privs() for non-reg. files

 fs/inode.c                     |  9 +++++++--
 fs/super.c                     |  5 -----
 fs/ufs/util.h                  |  2 +-
 security/apparmor/apparmorfs.c | 13 +++++++++----
 security/inode.c               | 13 +++++++++----
 5 files changed, 26 insertions(+), 16 deletions(-)

Powered by blists - more mailing lists