diff options
author | Sona Sarmadi <sona.sarmadi@enea.com> | 2016-01-27 10:45:52 +0100 |
---|---|---|
committer | Paul Vaduva <Paul.Vaduva@enea.com> | 2016-01-28 09:17:35 +0100 |
commit | f846a18b030d4bccbb7a2d1fb7359df6c6c69048 (patch) | |
tree | 77a25f09545a30519ea1b141a71a2e483d1ef05b /recipes-kernel/linux/linux-hierofalcon-4.1/virtio-net-CVE-2015-5156.patch | |
parent | e568d65e41f3fde7db8a8aab60ac7e750ea73325 (diff) | |
download | meta-hierofalcon-f846a18b030d4bccbb7a2d1fb7359df6c6c69048.tar.gz |
kernel:vfs: CVE-2015-2925
Fixes a flaw which was found in the way the Linux kernel's file system
implementation handled rename operations in which the source was inside
and the destination was outside of a bind mount.
A privileged user inside a container could use this flaw to escape the bind
mount and, potentially, escalate their privileges on the system.
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2925
http://www.openwall.com/lists/oss-security/2015/04/03/7
Reference to the upstream fixes:
vfs: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/
commit/?id=397d425dc26da728396e66d392d5dcb8dac30c37
dcache: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/
commit/?id=cde93be45a8a90d8c264c776fab63487b5038a65
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Paul Vaduva <Paul.Vaduva@enea.com>
Diffstat (limited to 'recipes-kernel/linux/linux-hierofalcon-4.1/virtio-net-CVE-2015-5156.patch')
0 files changed, 0 insertions, 0 deletions