apfs/linux-apfs
0
0
Fork 0
mirror of https://github.com/linux-apfs/linux-apfs.git synced 2026-05-01 15:00:59 -07:00
Code Issues Packages Projects Releases Wiki Activity
Files
81bd0d56298f93af6ac233d8a7e8b29aa4b094b7
linux-apfs/security/smack
T
History
Roman Kubiak 81bd0d5629 Smack: type confusion in smak sendmsg() handler 
Smack security handler for sendmsg() syscall
is vulnerable to type confusion issue what
can allow to privilege escalation into root
or cause denial of service.

A malicious attacker can create socket of one
type for example AF_UNIX and pass is into
sendmsg() function ensuring that this is
AF_INET socket.

Remedy
Do not trust user supplied data.
Proposed fix below.

Signed-off-by: Roman Kubiak <r.kubiak@samsung.com>
Signed-off-by: Mateusz Fruba <m.fruba@samsung.com>
Acked-by: Casey Schaufler <casey@schaufler-ca.com>
2015-12-17 10:21:56 -08:00
..
Kconfig
Smack: secmark support for netfilter
2015-01-20 16:34:25 -08:00
Makefile
Smack: Repair netfilter dependency
2015-01-23 10:08:19 -08:00
smack_access.c
Smack: limited capability for changing process label
2015-10-19 12:06:47 -07:00
smack_lsm.c
Smack: type confusion in smak sendmsg() handler
2015-12-17 10:21:56 -08:00
smack_netfilter.c
smack: use skb_to_full_sk() helper
2015-11-08 20:56:38 -05:00
smack.h
Smack: limited capability for changing process label
2015-10-19 12:06:47 -07:00
smackfs.c
Smack: limited capability for changing process label
2015-10-19 12:06:47 -07:00