oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

CVE-2020-10751 - Linux kernel: SELinux netlink permission check bypass

From: Ondrej Mosnacek <omosnace () redhat com>
Date: Wed, 27 May 2020 09:44:50 +0200
(Resending with correct ML address...)

Hello,

This flaw has already been announced and described here:
https://www.openwall.com/lists/oss-security/2020/04/30/5

This is just a note to let you know that it has been assigned a
CVE-2020-10751 upon request from Red Hat.

The flaw is fixed by the following upstream commit:

commit fb73974172ffaaf57a7c42f35424d9aece1a5af6
Author: Paul Moore <paul () paul-moore com>
Date:   Tue Apr 28 09:59:02 2020 -0400

   selinux: properly handle multiple messages in selinux_netlink_send()

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=fb73974172ffaaf57a7c42f35424d9aece1a5af6

The flaw dates back at least to Linux-2.6.12-rc2, so likely all
versions of Linux currently in use are affected.

RH tracker: https://bugzilla.redhat.com/show_bug.cgi?id=1839634

-- 
Ondrej Mosnacek
Software Engineer, Platform Security - SELinux kernel,
Red Hat, Inc.
Previous By Date Next
Previous By Thread Next

Current thread: