oss-sec mailing list archives
CVE request - kernel: jfs: don't allow os2 xattr namespace overlap with others
From: Eugene Teo <eugeneteo () kernel sg>
Date: Fri, 20 Aug 2010 16:02:54 +0800
Upstream commit: aca0fa34bdaba39bfddddba8ca70dba4782e8fe6Description from the commit: It's currently possible to bypass xattr namespace access rules by prefixing valid xattr names with "os2.", since the os2 namespace stores extended attributes in a legacy format with no prefix.
This patch adds checking to deny access to any valid namespace prefix following "os2.".
Thanks, Eugene -- main(i) { putchar(182623909 >> (i-1) * 5&31|!!(i<7)<<6) && main(++i); }
Current thread:
- CVE request - kernel: jfs: don't allow os2 xattr namespace overlap with others Eugene Teo (Aug 20)
- Re: CVE request - kernel: jfs: don't allow os2 xattr namespace overlap with others Josh Bressers (Aug 20)