author | Josh Boyer <jwboyer@redhat.com> | 2013-03-07 07:56:22 -0500 |
---|---|---|
committer | Josh Boyer <jwboyer@redhat.com> | 2013-03-07 07:58:59 -0500 |
commit | 4bd0ec95ad9d61233a9c918e3c7fe65a81da8d73 (patch) | |
tree | fff25f29af9c731012b71a64c9fad37e62757045 | |
parent | 2ff05084e67e2ce30f4714a38c34c8a1d5e9659d (diff) | |
CVE-2013-1792 keys: race condition in install_user_keyrings (rhbz 916646 919021)
-rw-r--r-- | kernel.spec | 11 | ||||
-rw-r--r-- | keys-fix-race-with-concurrent-install_user_keyrings.patch | 15 |
2 files changed, 25 insertions, 1 deletions
diff --git a/kernel.spec b/kernel.spec index 05966b430..73c38437a 100644 --- a/kernel.spec +++ b/kernel.spec @@ -62,7 +62,7 @@ Summary: The Linux kernel # For non-released -rc kernels, this will be appended after the rcX and # gitX tags, so a 3 here would become part of release "0.rcX.gitX.3" # -%global baserelease 4 +%global baserelease 5 %global fedora_build %{baserelease} # base_sublevel is the kernel version we're starting with and patching @@ -742,6 +742,9 @@ Patch21265: efi-fixes.patch #rhbz 918408 Patch21266: x86-bootparams-dont-clear-efi_info.patch +# CVE-2013-1792 rhbz 916646,919021 +Patch21267: keys-fix-race-with-concurrent-install_user_keyrings.patch + Patch22000: weird-root-dentry-name-debug.patch #selinux ptrace child permissions @@ -1441,6 +1444,9 @@ ApplyPatch intel_pstate-Fix-intel_pstate_init-error-path.patch #rhbz 917984 ApplyPatch efi-fixes.patch +# CVE-2013-1792 rhbz 916646,919021 +ApplyPatch keys-fix-race-with-concurrent-install_user_keyrings.patch + # END OF PATCH APPLICATIONS %endif @@ -2282,6 +2288,9 @@ fi # ||----w | # || || %changelog +* Thu Mar 07 2013 Josh Boyer <jwboyer@redhat.com> +- CVE-2013-1792 keys: race condition in install_user_keyrings (rhbz 916646 919021) + * Wed Mar 06 2013 Josh Boyer <jwboyer@redhat.com> - Adjust secure-boot patchset to work with boot_params sanitizing - Don't clear efi_info in boot_params (rhbz 918408) diff --git a/keys-fix-race-with-concurrent-install_user_keyrings.patch b/keys-fix-race-with-concurrent-install_user_keyrings.patch new file mode 100644 index 000000000..ba7b30a6d --- /dev/null +++ b/keys-fix-race-with-concurrent-install_user_keyrings.patch 
@@ -0,0 +1,15 @@
+diff --git a/security/keys/process_keys.c b/security/keys/process_keys.c
+index 58dfe08..c5ec083 100644
+--- a/security/keys/process_keys.c
++++ b/security/keys/process_keys.c
+@@ -57,7 +57,7 @@ int install_user_keyrings(void)
+
+ kenter("%p{%u}", user, uid);
+
+- if (user->uid_keyring) {
++ if (user->uid_keyring && user->session_keyring) {
+ kleave(" = 0 [exist]");
+ return 0;
+ }
+
+
\ No newline at end of file |
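Review bot: The early-return test in install_user_keyrings(), now `if (user->uid_keyring && user->session_keyring)`, is still an unlocked read of two pointers, and nothing in the carried patch says why both must be checked. A short comment above the test would record the intent, e.g. `/* Both keyrings must be set: a concurrent installer may have stored uid_keyring but not yet session_keyring. */`, since returning early with a NULL session_keyring is presumably the condition CVE-2013-1792 describes. Whether the slow path stores the two pointers under a lock, or in an order that makes this lockless test sufficient, cannot be judged here because the function body continues outside the hunk. The patch file also begins directly at `diff --git` with no From/Subject header or upstream reference, so a line such as `Upstream commit: <UPSTREAM_COMMIT_ID>` would keep the CVE fix traceable when the package is rebased.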