Message ID | 20210317171627.888-1-tim.gardner@canonical.com |
---|---|
Series | CVE-2015-1350 |

On 17/03/2021 18:16, Tim Gardner wrote:
> [Impact]
> The VFS subsystem in the Linux kernel 3.x provides an incomplete set of
> requirements for setattr operations that underspecifies removing extended
> privilege attributes, which allows local users to cause a denial of service
> (capability stripping) via a failed invocation of a system call, as demonstrated
> by using chown to remove a capability from the ping or Wireshark dumpcap program.
>
> From the Ubuntu security team:
> Ben Harris discovered that the Linux kernel would strip extended privilege
> attributes of files when performing a failed unprivileged system call. A
> local attacker could use this to cause a denial of service.
>
> The fix commit 030b533c4fd4d2ec3402363323de4bb2983c9cee "fs: Avoid premature
> clearing of capabilities" required 3 scaffold patches. I used the stable
> updates from linux-4.1.y as a guide.
>
> [Test Plan]
> I've run passes with iozone and bonnie++

Acked-by: Krzysztof Kozlowski <krzysztof.kozlowski@canonical.com>

Best regards,
Krzysztof

On 17.03.21 18:16, Tim Gardner wrote:
> [Impact]
> The VFS subsystem in the Linux kernel 3.x provides an incomplete set of
> requirements for setattr operations that underspecifies removing extended
> privilege attributes, which allows local users to cause a denial of service
> (capability stripping) via a failed invocation of a system call, as demonstrated
> by using chown to remove a capability from the ping or Wireshark dumpcap program.
>
> From the Ubuntu security team:
> Ben Harris discovered that the Linux kernel would strip extended privilege
> attributes of files when performing a failed unprivileged system call. A
> local attacker could use this to cause a denial of service.
>
> The fix commit 030b533c4fd4d2ec3402363323de4bb2983c9cee "fs: Avoid premature
> clearing of capabilities" required 3 scaffold patches. I used the stable
> updates from linux-4.1.y as a guide.
>
> [Test Plan]
> I've run passes with iozone and bonnie++
>
> [Where problems could occur]
> Released in
> linux-3.16.y
> linux-3.2.y
> linux-4.1.y
>
>

Acked-by: Stefan Bader <stefan.bader@canonical.com>

Applied to xenial/linux-master-next. Thanks.

-rtg

On 3/17/21 11:16 AM, Tim Gardner wrote:
> [Impact]
> The VFS subsystem in the Linux kernel 3.x provides an incomplete set of
> requirements for setattr operations that underspecifies removing extended
> privilege attributes, which allows local users to cause a denial of service
> (capability stripping) via a failed invocation of a system call, as demonstrated
> by using chown to remove a capability from the ping or Wireshark dumpcap program.
>
> From the Ubuntu security team:
> Ben Harris discovered that the Linux kernel would strip extended privilege
> attributes of files when performing a failed unprivileged system call. A
> local attacker could use this to cause a denial of service.
>
> The fix commit 030b533c4fd4d2ec3402363323de4bb2983c9cee "fs: Avoid premature
> clearing of capabilities" required 3 scaffold patches. I used the stable
> updates from linux-4.1.y as a guide.
>
> [Test Plan]
> I've run passes with iozone and bonnie++
>
> [Where problems could occur]
> Released in
> linux-3.16.y
> linux-3.2.y
> linux-4.1.y
>
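
A targeted regression check for the behaviour described in [Impact], added here as an example and not part of the thread or the patch series: it decodes the `security.capability` xattr and confirms that a chown which fails with EPERM leaves it unchanged. The function names are hypothetical, and it assumes a scratch copy of a binary that root has given file capabilities, with the check then run as an unprivileged user.

```python
import errno
import os
import struct

XATTR = "security.capability"      # xattr that stores file capabilities
REV_MASK = 0xFF000000              # VFS_CAP_REVISION_MASK
FLAG_EFFECTIVE = 0x000001          # VFS_CAP_FLAGS_EFFECTIVE
PAIRS = {0x01000000: 1, 0x02000000: 2, 0x03000000: 2}  # u32 pairs per revision

# Constructed sample: revision 2, effective flag, permitted = CAP_NET_RAW (bit 13)
SAMPLE = bytes.fromhex("01000002" "00200000" "00000000" "00000000" "00000000")

def parse_vfs_caps(raw):
    """Decode a security.capability value (little-endian vfs_cap_data)."""
    if len(raw) < 4:
        raise ValueError("truncated capability xattr")
    (magic,) = struct.unpack_from("<I", raw, 0)
    pairs = PAIRS.get(magic & REV_MASK)
    if pairs is None or len(raw) < 4 + 8 * pairs:
        raise ValueError("unknown revision or short data")
    permitted = inheritable = 0
    for i in range(pairs):
        p, inh = struct.unpack_from("<II", raw, 4 + 8 * i)
        permitted |= p << (32 * i)
        inheritable |= inh << (32 * i)
    return {"effective": bool(magic & FLAG_EFFECTIVE),
            "permitted": permitted, "inheritable": inheritable}

def read_caps(path):
    """Return the decoded capabilities of path, or None if the xattr is absent."""
    try:
        return parse_vfs_caps(os.getxattr(path, XATTR))
    except OSError as exc:
        if exc.errno == errno.ENODATA:
            return None
        raise

def failed_chown_keeps_caps(path, uid=0, gid=0):
    """True if a chown that fails with EPERM leaves the capabilities intact."""
    before = read_caps(path)
    if before is None:
        raise RuntimeError("no file capabilities set on test file")
    try:
        os.chown(path, uid, gid)
    except PermissionError:
        return read_caps(path) == before   # None here means they were stripped
    raise RuntimeError("chown succeeded; run this as an unprivileged user")
```

A `False` result from `failed_chown_keeps_caps` on the scratch copy means the kernel under test still clears capabilities before the permission check fails.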