81bd0d5629
Smack security handler for sendmsg() syscall is vulnerable to type confusion issue what can allow to privilege escalation into root or cause denial of service. A malicious attacker can create socket of one type for example AF_UNIX and pass is into sendmsg() function ensuring that this is AF_INET socket. Remedy Do not trust user supplied data. Proposed fix below. Signed-off-by: Roman Kubiak <r.kubiak@samsung.com> Signed-off-by: Mateusz Fruba <m.fruba@samsung.com> Acked-by: Casey Schaufler <casey@schaufler-ca.com> |
||
---|---|---|
.. | ||
Kconfig | ||
Makefile | ||
smack_access.c | ||
smack_lsm.c | ||
smack_netfilter.c | ||
smack.h | ||
smackfs.c |