Message-ID: <20240223.eij0Oudai0Ia@digikod.net>
Date: Fri, 23 Feb 2024 21:03:52 +0100
From: Mickaël Salaün <mic@...ikod.net>
To: Casey Schaufler <casey@...aufler-ca.com>,
John Johansen <john.johansen@...onical.com>, Paul Moore <paul@...l-moore.com>
Cc: James Morris <jmorris@...ei.org>,
"Serge E . Hallyn" <serge@...lyn.com>, linux-kernel@...r.kernel.org,
linux-security-module@...r.kernel.org, stable@...r.kernel.org
Subject: Re: [PATCH 1/2] SELinux: Fix lsm_get_self_attr()

On Fri, Feb 23, 2024 at 08:59:34PM +0100, Mickaël Salaün wrote:
> On Fri, Feb 23, 2024 at 08:05:45PM +0100, Mickaël Salaün wrote:
> > selinux_lsm_getattr() may not initialize the value's pointer in some
> > cases. As for proc_pid_attr_read(), initialize this pointer to NULL in
> > selinux_getselfattr() to avoid a UAF in the kfree() call.
>
> Not UAF but NULL pointer dereference (both patches)...

Well, that may be the result (as observed with the kfree() call), but
the cause is obviously an uninitialized pointer.
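
The bug class discussed in this thread, as an added userspace illustration that is not part of the original message or of the kernel source: a getter that leaves its out-pointer untouched on an error path, and a caller that frees that pointer on a shared exit path. All names (`demo_getattr`, `demo_getselfattr`, `demo_kfree`, `STACK_GARBAGE`) and the caller's shape are assumptions; the sentinel stands in for uninitialized stack contents so the run stays well-defined.

```c
#include <errno.h>
#include <stdlib.h>
#include <string.h>

/* Constructed sentinel standing in for the garbage an uninitialized stack
 * slot would hold; freeing real garbage would be undefined behaviour. */
#define STACK_GARBAGE ((char *)(size_t)0xdeadbeef)

static int bad_frees; /* frees of a pointer that was never allocated */

/* Stand-in for kfree(): NULL is a no-op, garbage is recorded, not freed. */
static void demo_kfree(char *p)
{
    if (p == STACK_GARBAGE) {
        bad_frees++;
        return;
    }
    free(p);
}

/* Hypothetical getter: writes *value only once it gets past the early
 * error return, so a failing call can leave the caller's pointer as-is. */
static int demo_getattr(int attr, char **value)
{
    if (attr != 1)
        return -EINVAL;          /* *value is not initialized on this path */
    *value = malloc(8);
    if (!*value)
        return -ENOMEM;
    memcpy(*value, "context", 8);
    return 8;
}

/* Caller with a shared cleanup path; 'init' is the pointer's starting
 * value: STACK_GARBAGE models the bug, NULL models the fix. */
static int demo_getselfattr(int attr, char *init)
{
    char *value = init;
    int rc = demo_getattr(attr, &value);

    demo_kfree(value);           /* runs on success and on error */
    return rc;
}

int main(void)
{
    demo_getselfattr(2, STACK_GARBAGE);   /* unfixed: garbage reaches free */
    demo_getselfattr(2, NULL);            /* fixed: free(NULL) is a no-op */
    return bad_frees == 1 ? 0 : 1;
}
```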