Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm / fc3563e098fe7ab3960da0b84b6a6f8d37134061
commitfc3563e098fe7ab3960da0b84b6a6f8d37134061[log] [tgz]
authorJeron Susan <jeron.susan@hi-p.com>Wed Aug 24 14:00:41 2016 +0800
committerJeron Susan <jeron.susan@hi-p.com>Wed Aug 24 14:02:41 2016 +0800
tree2c1a38bff320ba194aec15d8562565d2411aa995
parent1b2bce6f5944e83921fcf7e381fb5cb8d8d31637 [diff]
FPII-2317: Elevation of privilege vulnerability in kernel security subsystem CVE-2016-4470 A-29823941

The key_reject_and_link function in the security/keys/key.c file, in the Linux kernel through 4.6.3, contains an error in which a key-lookup could fail and in an attempt to cache, the failed lookup may attempt to free memory that could still be in use, leading to a potential use-after-free vulnerability.
The fix is designed to add an additional check condition to ensure the data structure is initialized and prevents the potential use-after-free vulnerability.

Change-Id: Ia83f75010b050139b9a5868461bc75abdc0a7e87
1 file changed
tree: 2c1a38bff320ba194aec15d8562565d2411aa995
  1. arch/
  2. block/
  3. crypto/
  4. Documentation/
  5. drivers/
  6. firmware/
  7. fs/
  8. include/
  9. init/
  10. ipc/
  11. kernel/
  12. lib/
  13. mm/
  14. net/
  15. samples/
  16. scripts/
  17. security/
  18. sound/
  19. tools/
  20. usr/
  21. virt/
  22. .gitignore
  23. .mailmap
  24. AndroidKernel.mk
  25. COPYING
  26. CREDITS
  27. Kbuild
  28. Kconfig
  29. MAINTAINERS
  30. Makefile
  31. README
  32. REPORTING-BUGS