wok-next view linux/stuff/linux-CVE-2013-2929.u @ rev 17172

Up firefox-official (32.0.3) CVE-2014-1568
author Pascal Bellard <pascal.bellard@slitaz.org>
date Thu Sep 25 15:28:17 2014 +0200 (2014-09-25)
parents
children
line source
1 https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=4004afd5f51ad0a86be405522b1ecf28ba66f4e5
2 --- linux-3.2.53/arch/ia64/include/asm/processor.h
3 +++ linux-3.2.53/arch/ia64/include/asm/processor.h
4 @@ -320,7 +320,7 @@
5 regs->loadrs = 0; \
6 regs->r8 = get_dumpable(current->mm); /* set "don't zap registers" flag */ \
7 regs->r12 = new_sp - 16; /* allocate 16 byte scratch area */ \
8 - if (unlikely(!get_dumpable(current->mm))) { \
9 + if (unlikely(get_dumpable(current->mm) != SUID_DUMP_USER)) { \
10 /* \
11 * Zap scratch regs to avoid leaking bits between processes with different \
12 * uid/privileges. \
13 --- linux-3.2.53/include/linux/binfmts.h
14 +++ linux-3.2.53/include/linux/binfmts.h
15 @@ -112,9 +112,6 @@
16 extern void would_dump(struct linux_binprm *, struct file *);
18 extern int suid_dumpable;
19 -#define SUID_DUMP_DISABLE 0 /* No setuid dumping */
20 -#define SUID_DUMP_USER 1 /* Dump as user of process */
21 -#define SUID_DUMP_ROOT 2 /* Dump as root */
23 /* Stack area protections */
24 #define EXSTACK_DEFAULT 0 /* Whatever the arch defaults to */
25 --- linux-3.2.53/include/linux/sched.h
26 +++ linux-3.2.53/include/linux/sched.h
27 @@ -402,6 +402,9 @@
29 extern void set_dumpable(struct mm_struct *mm, int value);
30 extern int get_dumpable(struct mm_struct *mm);
31 +#define SUID_DUMP_DISABLE 0 /* No setuid dumping */
32 +#define SUID_DUMP_USER 1 /* Dump as user of process */
33 +#define SUID_DUMP_ROOT 2 /* Dump as root */
35 /* mm flags */
36 /* dumpable bits */
37 --- linux-3.2.53/kernel/ptrace.c
38 +++ linux-3.2.53/kernel/ptrace.c
39 @@ -246,7 +246,7 @@
40 smp_rmb();
41 if (task->mm)
42 dumpable = get_dumpable(task->mm);
43 - if (!dumpable && !task_ns_capable(task, CAP_SYS_PTRACE))
44 + if (dumpable != SUID_DUMP_USER && !task_ns_capable(task, CAP_SYS_PTRACE))
45 return -EPERM;
47 return security_ptrace_access_check(task, mode);