CVE-2014-0102 keyctl_link can be used to cause an oops (rhbz 1071396)

This commit is contained in:
Josh Boyer 2014-02-28 11:48:34 -05:00
parent 2323b0271d
commit 2edcdbfc98
2 changed files with 26 additions and 0 deletions

View File

@ -634,6 +634,9 @@ Patch25203: dma-debug-account-for-cachelines-and-read-only-mappings.patch
#rhbz 1056170 #rhbz 1056170
Patch25025: usb-ehci-fix-deadlock-when-threadirqs-option-is-used.patch Patch25025: usb-ehci-fix-deadlock-when-threadirqs-option-is-used.patch
#CVE-2014-0102 rhbz 1071396
Patch25026: keyring-fix.patch
# END OF PATCH DEFINITIONS # END OF PATCH DEFINITIONS
%endif %endif
@ -1287,6 +1290,9 @@ ApplyPatch dma-debug-account-for-cachelines-and-read-only-mappings.patch
#rhbz 1056170 #rhbz 1056170
ApplyPatch usb-ehci-fix-deadlock-when-threadirqs-option-is-used.patch ApplyPatch usb-ehci-fix-deadlock-when-threadirqs-option-is-used.patch
#CVE-2014-0102 rhbz 1071396
ApplyPatch keyring-fix.patch
# END OF PATCH APPLICATIONS # END OF PATCH APPLICATIONS
%endif %endif
@ -2066,6 +2072,9 @@ fi
# ||----w | # ||----w |
# || || # || ||
%changelog %changelog
* Fri Feb 28 2014 Josh Boyer <jwboyer@fedoraproject.org>
- CVE-2014-0102 keyctl_link can be used to cause an oops (rhbz 1071396)
* Thu Feb 27 2014 Josh Boyer <jwboyer@fedoraproject.org> - 3.14.0-0.rc4.git2.1 * Thu Feb 27 2014 Josh Boyer <jwboyer@fedoraproject.org> - 3.14.0-0.rc4.git2.1
- Linux v3.14-rc4-45-gd2a0476 - Linux v3.14-rc4-45-gd2a0476

17
keyring-fix.patch Normal file
View File

@ -0,0 +1,17 @@
@@ -, +, @@
---
--- a/security/keys/keyring.c
+++ a/security/keys/keyring.c
@@ -1000,7 +1000,11 @@ static int keyring_detect_cycle_iterator(const void *object,
kenter("{%d}", key->serial);
- BUG_ON(key != ctx->match_data);
+ /* We might get a keyring with matching index-key that is nonetheless a
+ * different keyring. */
+ if (key != ctx->match_data)
+ return 0;
+
ctx->result = ERR_PTR(-EDEADLK);
return 1;
}