Ruihan Li ff9580db0b bluetooth: Perform careful capability checks in hci_sock_ioctl()
commit 25c150ac10 upstream.

Previously, capability was checked using capable(), which verified that the
caller of the ioctl system call had the required capability. In addition,
the result of the check would be stored in the HCI_SOCK_TRUSTED flag,
making it persistent for the socket.

However, malicious programs can abuse this approach by deliberately sharing
an HCI socket with a privileged task. The HCI socket will be marked as
trusted when the privileged task occasionally makes an ioctl call.

This problem can be solved by using sk_capable() to check capability, which
ensures that not only the current task but also the socket opener has the
specified capability, thus reducing the risk of privilege escalation
through the previously identified vulnerability.

Cc: stable@vger.kernel.org
Fixes: f81f5b2db8 ("Bluetooth: Send control open and close messages for HCI raw sockets")
Signed-off-by: Ruihan Li <lrh2000@pku.edu.cn>
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2023-06-06 18:07:05 +08:00
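
The difference between the two checks described in the commit message above, as an added userspace model (not kernel code and not part of the commit). The struct and function names are hypothetical stand-ins, and `trusted` models the persistent HCI_SOCK_TRUSTED flag:

```c
#include <stdbool.h>
#include <stdio.h>

/* Simplified model: one capability bit per task (stands in for CAP_NET_ADMIN). */
struct task { bool cap_net_admin; };

struct hci_sock_model {
    const struct task *opener; /* credentials captured when the socket was opened */
    bool trusted;              /* models HCI_SOCK_TRUSTED: set once, never cleared */
};

/* Models capable(): looks only at the task making the ioctl call. */
static bool model_capable(const struct task *caller)
{
    return caller->cap_net_admin;
}

/* Models sk_capable(): the socket opener AND the current caller must both qualify. */
static bool model_sk_capable(const struct hci_sock_model *sk, const struct task *caller)
{
    return sk->opener->cap_net_admin && caller->cap_net_admin;
}

/* Models the ioctl path that stores the check result on the socket.
 * careful == false: behaviour before the fix; careful == true: after the fix. */
static void model_ioctl(struct hci_sock_model *sk, const struct task *caller, bool careful)
{
    if (careful ? model_sk_capable(sk, caller) : model_capable(caller))
        sk->trusted = true;
}

/* One task opens the socket, a second task that shares it makes an ioctl call.
 * Returns whether the socket ends up marked trusted. */
static bool trusted_after_ioctl(bool opener_priv, bool caller_priv, bool careful)
{
    const struct task opener = { opener_priv };
    const struct task caller = { caller_priv };
    struct hci_sock_model sk = { &opener, false };

    model_ioctl(&sk, &caller, careful);
    return sk.trusted;
}

int main(void)
{
    /* Constructed scenario: unprivileged opener, privileged task makes the call. */
    printf("capable():    trusted=%d\n", trusted_after_ioctl(false, true, false));
    printf("sk_capable(): trusted=%d\n", trusted_after_ioctl(false, true, true));
    return 0;
}
```
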
arch KVM: arm64: Fix buffer overflow in kvm_arm_set_fw_reg() 2023-06-06 18:07:05 +08:00
block
certs
crypto
Documentation
drivers drm/fb-helper: set x/yres_virtual in drm_fb_helper_check_var 2023-06-06 18:07:05 +08:00
fs
include
init
io_uring
ipc
kernel
lib
LICENSES
mm
net bluetooth: Perform careful capability checks in hci_sock_ioctl() 2023-06-06 18:07:05 +08:00
samples
scripts ASN.1: Fix check for strdup() success 2023-06-06 18:06:47 +08:00
security
sound ASoC: fsl_asrc_dma: fix potential null-ptr-deref 2023-06-06 18:06:47 +08:00
tools selftests/kselftest/runner/run_one(): allow running non-executable files 2023-06-06 18:07:05 +08:00
usr
virt
.clang-format
.cocciconfig
.get_maintainer.ignore
.gitattributes
.gitignore
.mailmap
COPYING
CREDITS
Kbuild
Kconfig
MAINTAINERS
Makefile Linux 5.15.109 2023-06-06 18:06:47 +08:00
README

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.