| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 5 May 2019 03:18:46 +0100
From: Al Viro <viro@...iv.linux.org.uk>
To: Linus Torvalds <torvalds@...ux-foundation.org>
Cc: linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: [git pull] vfs.git fixes
A couple of ->i_link use-after-free fixes, regression fix for
wrong errno on absent device name in mount(2) (this cycle stuff) +
ancient UFS braino in large GID handling on Solaris UFS images (bogus
cut'n'paste from large UID handling; wrong field checked to decide
whether we should look at old (16bit) or new (32bit) field).
The following changes since commit 6af1c849dfb1f1d326fbdd157c9bc882b921f450:
aio: use kmem_cache_free() instead of kfree() (2019-04-04 20:13:59 -0400)
are available in the git repository at:
git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs.git fixes
for you to fetch changes up to 4e9036042fedaffcd868d7f7aa948756c48c637d:
ufs: fix braino in ufs_get_inode_gid() for solaris UFS flavour (2019-05-02 02:24:50 -0400)
----------------------------------------------------------------
Al Viro (4):
securityfs: fix use-after-free on symlink traversal
apparmorfs: fix use-after-free on symlink traversal
[fix] get rid of checking for absent device name in vfs_get_tree()
ufs: fix braino in ufs_get_inode_gid() for solaris UFS flavour
Alexander Lochmann (1):
Abort file_remove_privs() for non-reg. files
fs/inode.c | 9 +++++++--
fs/super.c | 5 -----
fs/ufs/util.h | 2 +-
security/apparmor/apparmorfs.c | 13 +++++++++----
security/inode.c | 13 +++++++++----
5 files changed, 26 insertions(+), 16 deletions(-)
Powered by blists - more mailing lists