forge/linux-uconsole
1
0
Fork 0
Code Issues 1 Pull requests Projects Releases Packages Wiki Activity Actions
linux-uconsole/security
History
Roberto Sassu 6e322a9e42 evm: check hash algorithm passed to init_desc() 
commit 221be106d7 upstream.

This patch prevents memory access beyond the evm_tfm array by checking the
validity of the index (hash algorithm) passed to init_desc(). The hash
algorithm can be arbitrarily set if the security.ima xattr type is not
EVM_XATTR_HMAC.

Fixes: 5feeb61183 ("evm: Allow non-SHA1 digital signatures")
Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com>
Cc: stable@vger.kernel.org
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2019-06-09 09:17:21 +02:00
..
apparmor apparmorfs: fix use-after-free on symlink traversal 2019-05-25 18:23:42 +02:00
integrity evm: check hash algorithm passed to init_desc() 2019-06-09 09:17:21 +02:00
keys keys: Fix dependency loop between construction record and auth key 2019-03-23 20:09:48 +01:00
loadpin
selinux selinux: avoid uninitialized variable warning 2019-05-31 06:46:31 -07:00
smack smack: fix access permissions for keyring 2019-02-12 19:47:05 +01:00
tomoyo
yama
commoncap.c
device_cgroup.c device_cgroup: fix RCU imbalance in error case 2019-04-27 09:36:40 +02:00
inode.c securityfs: fix use-after-free on symlink traversal 2019-05-25 18:23:42 +02:00
Kconfig
lsm_audit.c missing barriers in some of unix_sock ->addr and ->path accesses 2019-03-19 13:12:41 +01:00
Makefile
min_addr.c
security.c