On 27/01/2017 11:47, Jiri Slaby wrote:
From: Vegard Nossum <redacted>
This patch has been added to the 3.12 stable tree. If you have any
objections, please let us know.
===============
commit e89b8081327ac9efbf273e790b8677e64fd0361a upstream.
IIRC this fixed a bug introduced in 4.7 or 4.8 or something, so I don't
think it's needed for 3.12, unless...
When proc_pid_attr_write() was changed to use memdup_user apparmor's
(interface violating) assumption that the setprocattr buffer was always
a single page was violated.
The size test is not strictly speaking needed as proc_pid_attr_write()
will reject anything larger, but for the sake of robustness we can keep
it in.
SMACK and SELinux look safe to me, but somebody else should probably
have a look just in case.
Based on original patch from Vegard Nossum [off-list ref]
modified for the case that apparmor provides null termination.
Fixes: bb646cdb12e75d82258c2f2e7746d5952d3e321a
...unless 3.12 has a backport of this commit?
Or did you find that older kernels are vulnerable too?
Vegard