android_kernel_zuk_msm8996.git

diff options

author	Kevin Cernekee <cernekee@chromium.org>	2017-12-05 15:42:41 -0800
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>	2018-01-31 12:06:11 +0100
commit	d01ceb4722cd8d64176272434fe332b596750d9c (patch)
tree	25a4bfd14c4fa50d357d747426d265b820d0ae96 /include/linux/timerqueue.h
parent	a359a437fbc6bb08aa9cc8e25ef4ac3b77ca727b (diff)

netfilter: xt_osf: Add missing permission checks

commit 916a27901de01446bcf57ecca4783f6cff493309 upstream. The capability check in nfnetlink_rcv() verifies that the caller has CAP_NET_ADMIN in the namespace that "owns" the netlink socket. However, xt_osf_fingers is shared by all net namespaces on the system. An unprivileged user can create user and net namespaces in which he holds CAP_NET_ADMIN to bypass the netlink_net_capable() check: vpnns -- nfnl_osf -f /tmp/pf.os vpnns -- nfnl_osf -f /tmp/pf.os -d These non-root operations successfully modify the systemwide OS fingerprint list. Add new capable() checks so that they can't. Signed-off-by: Kevin Cernekee <cernekee@chromium.org> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> Acked-by: Michal Kubecek <mkubecek@suse.cz> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

Diffstat (limited to 'include/linux/timerqueue.h')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: