[CVE-2011-0006] IMA rule vunerability
Andy Whitcroft
apw at canonical.com
Wed Feb 1 09:35:56 UTC 2012
CVE-2011-0006
A flaw was found in the Linux kernel's Integrity Measurement
Architecture (IMA) implementation. When SELinux was disabled,
adding an IMA rule which was supposed to be processed by SELinux
would cause ima_match_rules() to always succeed, ignoring any
remaining rules.
This was introduced in lucid. Fixes for this have hit lucid and later
via mainline and stable. Following this email is a patch for
maverick/ti-omap4, this fix is a cherry-pick from the mainline fix.
Proposing for maverick/ti-omap4.
-apw
More information about the kernel-team
mailing list