oss-sec mailing list archives

CVE request: kernel/AppArmor local denial of service


From: Marcus Meissner <meissner () suse de>
Date: Mon, 17 Oct 2011 14:32:43 +0200

Hi,

A process can cause itself to Oops by doing an invalidly formatted
write to the process attr/current when the AppArmor security framework
is enabled (even without an AppArmor profile).

e.g. by doing "echo 'AAA AAA' > /proc/$$/attr/current"

This will cause a NULL ptr dereference, which oopses the current process and
in connection with kdump or panic on oops will halt the machine.

References:
https://bugs.launchpad.net/apparmor/+bug/789409
https://bugzilla.novell.com/show_bug.cgi?id=717209

Fix is in:
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux.git;a=commitdiff;h=a5b2c5b2ad5853591a6cac6134cd0f599a720865

This only affected Linux kernel mainline since the introduction of
AppArmor up to and including 3.0-rc2.

The SUSE patchset used in our older distribution had an additional NULL
check avoiding the issue.

Ciao, Marcus

