Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm / d616bdf0ab4f657f47e637fdaa403513e9d8c4c9
commitd616bdf0ab4f657f47e637fdaa403513e9d8c4c9[log] [tgz]
authorTeow Wan Yee <wy.teow@hi-p.com>Fri Aug 26 15:16:40 2016 +0800
committerTeemu Hukkanen <teemu@fairphone.com>Wed Sep 21 14:30:32 2016 +0200
tree59c97126f92f14d36d40613e669f6eb08ec823cb
parent29d9449a50dab85204d088e62f11dac55dce676e [diff]
FPII-2318: Elevation of privilege vulnerability in kernel networking subsystem CVE-2013-7446 A-29119002

There is a potential use-after-free vulnerability in the net/unix/af_unix.c file, in the Linux kernel
before 4.3.3, that allows local users to bypass intended AF_UNIX socket permissions via crafted epoll_ctl calls.
The fix is designed to remove the second call to sock_poll_wait in the unix_dgram_poll function to prevent the
potential use-after-free vulnerability.

Change-Id: I5fc989df4392e585fed6ba9ed6a7e39d98851ab5
2 files changed
tree: 59c97126f92f14d36d40613e669f6eb08ec823cb
  1. arch/
  2. block/
  3. crypto/
  4. Documentation/
  5. drivers/
  6. firmware/
  7. fs/
  8. include/
  9. init/
  10. ipc/
  11. kernel/
  12. lib/
  13. mm/
  14. net/
  15. samples/
  16. scripts/
  17. security/
  18. sound/
  19. tools/
  20. usr/
  21. virt/
  22. .gitignore
  23. .mailmap
  24. AndroidKernel.mk
  25. COPYING
  26. CREDITS
  27. Kbuild
  28. Kconfig
  29. MAINTAINERS
  30. Makefile
  31. README
  32. REPORTING-BUGS