From patchwork Thu Jul 21 13:13:45 2011 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: [natty, natty/ti-omap4, CVE, 4/5] auxv: require the target to be tracable (or yourself) Date: Thu, 21 Jul 2011 03:13:45 -0000 From: Andy Whitcroft X-Patchwork-Id: 106045 Message-Id: <1311254026-29719-16-git-send-email-apw@canonical.com> To: kernel-team@lists.ubuntu.com From: Al Viro same as for environ, except that we didn't do any checks to prevent access after suid execve Signed-off-by: Al Viro (cherry picked from commit 2fadaef41283aad7100fa73f01998cddaca25833) CVE-2011-1020 BugLink: http://bugs.launchpad.net/bugs/813026 Signed-off-by: Andy Whitcroft --- fs/proc/base.c | 6 +++--- 1 files changed, 3 insertions(+), 3 deletions(-) diff --git a/fs/proc/base.c b/fs/proc/base.c index 3803523..bf64fd7 100644 --- a/fs/proc/base.c +++ b/fs/proc/base.c @@ -281,9 +281,9 @@ out: static int proc_pid_auxv(struct task_struct *task, char *buffer) { - int res = 0; - struct mm_struct *mm = get_task_mm(task); - if (mm) { + struct mm_struct *mm = mm_for_maps(task); + int res = PTR_ERR(mm); + if (mm && !IS_ERR(mm)) { unsigned int nwords = 0; do { nwords += 2;