Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm / 8b964eae204d791421677ec56b94a7b18cf8740d
commit8b964eae204d791421677ec56b94a7b18cf8740d[log] [tgz]
authorJohn Johansen <john.johansen@canonical.com>Wed Feb 22 00:32:30 2012 -0800
committerJohn Johansen <john.johansen@canonical.com>Mon Feb 27 11:38:21 2012 -0800
tree7c1a7b5b6be9f2d9b60d8cba1094635d3f74466c
parentade3ddc01e2e426cc24c744be85dcaad4e8f8aba [diff]
AppArmor: Fix underflow in xindex calculation

If the xindex value stored in the accept tables is 0, the extraction of
that value will result in an underflow (0 - 4).

In properly compiled policy this should not happen for file rules but
it may be possible for other rule types in the future.

To exploit this underflow a user would have to be able to load a corrupt
policy, which requires CAP_MAC_ADMIN, overwrite system policy in kernel
memory or know of a compiler error resulting in the flaw being present
for loaded policy (no such flaw is known at this time).

Signed-off-by: John Johansen <john.johansen@canonical.com>
Acked-by: Kees Cook <kees@ubuntu.com>
1 file changed
tree: 7c1a7b5b6be9f2d9b60d8cba1094635d3f74466c
  1. arch/
  2. block/
  3. crypto/
  4. Documentation/
  5. drivers/
  6. firmware/
  7. fs/
  8. include/
  9. init/
  10. ipc/
  11. kernel/
  12. lib/
  13. mm/
  14. net/
  15. samples/
  16. scripts/
  17. security/
  18. sound/
  19. tools/
  20. usr/
  21. virt/
  22. .gitignore
  23. .mailmap
  24. COPYING
  25. CREDITS
  26. Kbuild
  27. Kconfig
  28. MAINTAINERS
  29. Makefile
  30. README
  31. REPORTING-BUGS