android_kernel_zuk_msm8996.git

diff options

author	Kees Cook <keescook@chromium.org>	2021-05-25 12:37:35 -0700
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>	2021-06-03 08:22:04 +0200
commit	2f5500e3c8414351566777335af82e72381468f7 (patch)
tree	1ea67902eb10db3f0746232e6e65cf34bedbe499 /tools/perf/scripts/python
parent	448a1cb12977f52142e6feb12022c59662d88dc1 (diff)

proc: Check /proc/$pid/attr/ writes against file opener

commit bfb819ea20ce8bbeeba17e1a6418bf8bda91fc28 upstream. Fix another "confused deputy" weakness[1]. Writes to /proc/$pid/attr/ files need to check the opener credentials, since these fds do not transition state across execve(). Without this, it is possible to trick another process (which may have different credentials) to write to its own /proc/$pid/attr/ files, leading to unexpected and possibly exploitable behaviors. [1] https://www.kernel.org/doc/html/latest/security/credentials.html?highlight=confused#open-file-credentials Fixes: 1da177e4c3f41 ("Linux-2.6.12-rc2") Cc: stable@vger.kernel.org Signed-off-by: Kees Cook <keescook@chromium.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

Diffstat (limited to 'tools/perf/scripts/python')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: