kernel:vfs: CVE-2015-2925

Fixes a flaw which was found in the way the Linux kernel's file system
implementation handled rename operations in which the source was inside
and the destination was outside of a bind mount.

A privileged user inside a container could use this flaw to escape the bind
mount and, potentially, escalate their privileges on the system.

References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2925
http://www.openwall.com/lists/oss-security/2015/04/03/7

Reference to the upstream fixes:
vfs: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/
commit/?id=397d425dc26da728396e66d392d5dcb8dac30c37

dcache: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/
commit/?id=cde93be45a8a90d8c264c776fab63487b5038a65

Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Paul Vaduva <Paul.Vaduva@enea.com>

1 files changed, 2 insertions, 0 deletions

diff --git a/recipes-kernel/linux/linux-hierofalcon_4.1.bb b/recipes-kernel/linux/linux-hierofalcon_4.1.bb
index 61b1dae..4fafe34 100644
--- a/recipes-kernel/linux/linux-hierofalcon_4.1.bb
+++ b/recipes-kernel/linux/linux-hierofalcon_4.1.bb
@@ -28,6 +28,8 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto-4.1;branch="standard/qemuarm64
            file://vhost-CVE-2015-6252.patch \
            file://usb-whiteheat-CVE-2015-5257.patch \
            file://security-keys-CVE-2016-0728.patch \
+           file://vfs-CVE-2015-2925.patch \
+           file://dcache-CVE-2015-2925.patch \
            "
 
 S = "${WORKDIR}/git"