[PATCH 2/2] AppArmor: Fix lsm_get_self_attr()
Paul Moore
paul at paul-moore.com
Tue Feb 27 16:01:24 UTC 2024
On Mon, Feb 26, 2024 at 2:59 PM Paul Moore <paul at paul-moore.com> wrote:
> On Fri, Feb 23, 2024 at 4:07 PM Paul Moore <paul at paul-moore.com> wrote:
> > On Fri, Feb 23, 2024 at 2:06 PM Mickaël Salaün <mic at digikod.net> wrote:
> > >
> > > aa_getprocattr() may not initialize the value's pointer in some case.
> > > As for proc_pid_attr_read(), initialize this pointer to NULL in
> > > apparmor_getselfattr() to avoid an UAF in the kfree() call.
> > >
> > > Cc: Casey Schaufler <casey at schaufler-ca.com>
> > > Cc: John Johansen <john.johansen at canonical.com>
> > > Cc: Paul Moore <paul at paul-moore.com>
> > > Cc: stable at vger.kernel.org
> > > Fixes: 223981db9baf ("AppArmor: Add selfattr hooks")
> > > Signed-off-by: Mickaël Salaün <mic at digikod.net>
> > > ---
> > > security/apparmor/lsm.c | 2 +-
> > > 1 file changed, 1 insertion(+), 1 deletion(-)
> >
> > If you like John, I can send this up to Linus with the related SELinux
> > fix, I would just need an ACK from you.
>
> Reviewed-by: Paul Moore <paul at paul-moore.com>
>
> This patch looks good to me, and while we've still got at least two
> (maybe three?) more weeks before v6.8 is tagged, I think it would be
> good to get this up to Linus ASAP. I'll hold off for another day, but
> if we don't see any comment from John I'll go ahead and merge this and
> send it up to Linus with the SELinux fix; I'm sure John wouldn't be
> happy if v6.8 went out the door without this fix.
I just merged this into lsm/stable-6.8 and once the automated
build/test has done it's thing and come back clean I'll send this,
along with the associated SELinux fix, up to Linus. Thanks all.
John, if this commit is problematic please let me know and I'll send a
fix or a revert.
--
paul-moore.com
More information about the Linux-security-module-archive
mailing list