CVE-2013-1792 keys: race condition in install_user_keyrings (rhbz 916646 919021)
This commit is contained in:
Josh Boyer
parent
8d3a89bb31
commit
86ce060b46
|
|
@ -738,6 +738,9 @@ Patch22264: efi-fixes-3.8.patch
|
|||
#rhbz 918512 918521
|
||||
Patch22265: crypto-user-fix-info-leaks-in-report-API.patch
|
||||
|
||||
# CVE-2013-1792 rhbz 916646,919021
|
||||
Patch22266: keys-fix-race-with-concurrent-install_user_keyrings.patch
|
||||
|
||||
#rhbz 812111
|
||||
Patch24000: alps.patch
|
||||
|
||||
|
|
@ -1452,6 +1455,9 @@ ApplyPatch userns-avoid-recursion-in-put_user_ns.patch
|
|||
#rhbz 859346
|
||||
ApplyPatch fix-destroy_conntrack-GPF.patch
|
||||
|
||||
# CVE-2013-1792 rhbz 916646,919021
|
||||
ApplyPatch keys-fix-race-with-concurrent-install_user_keyrings.patch
|
||||
|
||||
# END OF PATCH APPLICATIONS
|
||||
|
||||
%endif
|
||||
|
|
@ -2308,6 +2314,9 @@ fi
|
|||
# '-' | |
|
||||
# '-'
|
||||
%changelog
|
||||
* Thu Mar 07 2013 Josh Boyer <jwboyer@redhat.com>
|
||||
- CVE-2013-1792 keys: race condition in install_user_keyrings (rhbz 916646 919021)
|
||||
|
||||
* Wed Mar 06 2013 Justin M. Forbes <jforbes@redhat.com>
|
||||
- Remove Ricoh multifunction DMAR patch as it's no longer needed (rhbz 880051)
|
||||
- Fix destroy_conntrack GPF (rhbz 859346)
|
||||
|
|
|
|||
|
|
@ -0,0 +1,15 @@
|
|||
diff --git a/security/keys/process_keys.c b/security/keys/process_keys.c
|
||||
index 58dfe08..c5ec083 100644
|
||||
--- a/security/keys/process_keys.c
|
||||
+++ b/security/keys/process_keys.c
|
||||
@@ -57,7 +57,7 @@ int install_user_keyrings(void)
|
||||
|
||||
kenter("%p{%u}", user, uid);
|
||||
|
||||
- if (user->uid_keyring) {
|
||||
+ if (user->uid_keyring && user->session_keyring) {
|
||||
kleave(" = 0 [exist]");
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
Loading…
Reference in New Issue