[SRU][Trusty][PATCH 0/1] Fix for CVE-2017-18270
Kleber Sacilotto de Souza
kleber.souza at canonical.com
Tue Jul 24 14:15:14 UTC 2018
https://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-18270.html
Backport needed for Trusty mainly to adjust for context.
Tested with the reproducer from the commit message.
Eric Biggers (1):
KEYS: prevent creating a different user's keyrings
include/linux/key.h | 2 ++
security/keys/internal.h | 2 +-
security/keys/key.c | 2 ++
security/keys/keyring.c | 23 ++++++++++++++---------
security/keys/process_keys.c | 8 ++++++--
5 files changed, 25 insertions(+), 12 deletions(-)
--
2.17.1
More information about the kernel-team
mailing list