oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: CVE request: apparmor: oops in apparmor_setprocattr()

From: cve-assign () mitre org
Date: Sat, 9 Jul 2016 10:36:03 -0400 (EDT)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256


http://marc.info/?l=linux-kernel&m=146793642811929&w=2
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=30a46a4647fd1df9cf52e43bf467f0d9265096ca



Note: it may be possible to get a local privilege escalation out of this 
bug.



apparmor: fix oops, validate buffer size in apparmor_setprocattr()

    

When proc_pid_attr_write() was changed to use memdup_user apparmor's
(interface violating) assumption that the setprocattr buffer was always
a single page was violated.


Use CVE-2016-6187.

- -- 
CVE Assignment Team
M/S M300, 202 Burlington Road, Bedford, MA 01730 USA
[ A PGP key is available for encrypted communications at
  http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJXgQtrAAoJEHb/MwWLVhi2z0wQAIz473jwzdiwtT1tVaOHxuLj
5ptbSsvbr9tiMfiiyKzvxI3bDvXr/6GRI8bfxYq/m+tPA3C9N15pW/7CJqcNW5FH
W7aUiGHqikPMb+nEulObtl8Ib2xnkCmA3vB8WMARavvQzFjlZ2llx20cAOKtO07F
pBkhK1/RHiYVHI7eareqsB9KCrgibiiO58OhrYHtOJhcgGwOPE4Hr1jeg3je53dp
PQWXNOah9lQ9aUV2hXKArDRlEWehH4CTC8fM4Lr5v7Hw3tTa2LAQoOC/dPSdYiJJ
i5KwtXQlSjEbDElg7VBdspA5jntIGKq3XCC9pep0wHh8XtbPNOiJwKSs196nxny/
uS9ChoS4MFWgpNe2MY7wANAWlqNdcnicyQpiiYsyy/W3luumd3LaYayiITjzWPGM
wu29GhYRIcRhaJ3BBzdGKLITCpqrOdlHRkJONYgzfZyFTND7bbC0JkJ70x/JOPww
S16HjC3BEtH+H/3pnYLtZ+PnZ36vdP01Dbp3oRuICcloMSXm5d9eeMQX5JhUq2ms
xLrr0kxwo0fxYAS6C8lR7fAX/ueCY980AcPRWlMzZbeHxsfK+1CMN8Of233PTxx6
WpvN5iSg8OydurewOJKHUdrYERON/afF/FcfqN3vNDHM9oDHXMKlcp0s7APMZf7K
EBChJPlAsaURokHYcm0L
=roE2
-----END PGP SIGNATURE-----
Previous By Date Next
Previous By Thread Next

Current thread: