iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
a5ee448d388cdafb154c10bde41865fb9ccf76a4
linux/security
History
Huaxin Lu 831e190175 ima: Fix a potential integer overflow in ima_appraise_measurement 
[ Upstream commit d2ee2cfc4a ]

When the ima-modsig is enabled, the rc passed to evm_verifyxattr() may be
negative, which may cause the integer overflow problem.

Fixes: 39b0709636 ("ima: Implement support for module-style appended signatures")
Signed-off-by: Huaxin Lu <luhuaxin1@huawei.com>
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2022-07-21 21:20:04 +02:00
..
apparmor
apparmor: fix error check
2021-11-18 14:04:22 +01:00
bpf
bpf: Implement bpf_local_storage for inodes
2020-08-25 15:00:04 -07:00
integrity
ima: Fix a potential integer overflow in ima_appraise_measurement
2022-07-21 21:20:04 +02:00
keys
KEYS: fix length validation in keyctl_pkey_params_get_2()
2022-04-08 14:39:50 +02:00
loadpin
LSM: Add "contents" flag to kernel_read_file hook
2020-10-05 13:37:03 +02:00
lockdown
Merge branch 'next-general' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
2020-06-02 17:36:24 -07:00
safesetid
LSM: SafeSetID: Fix warnings reported by test bot
2020-10-13 09:17:36 -07:00
selinux
lsm,selinux: pass flowi_common instead of flowi to the LSM hooks
2022-06-09 10:21:09 +02:00
smack
Fix incorrect type in assignment of ipv6 port for audit
2022-04-08 14:40:31 +02:00
tomoyo
TOMOYO: fix __setup handlers return values
2022-04-08 14:40:18 +02:00
yama
task_work: cleanup notification modes
2020-10-17 15:05:30 -06:00
commoncap.c
security: commoncap: fix -Wstringop-overread warning
2021-05-11 14:47:36 +02:00
device_cgroup.c
device_cgroup: Fix RCU list debugging warning
2020-08-20 11:25:03 -07:00
inode.c
Merge branch 'work.mount0' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2019-07-19 10:42:02 -07:00
Kconfig
fortify: Explicitly disable Clang support
2021-11-21 13:46:35 +01:00
Kconfig.hardening
security: allow using Clang's zero initialization for stack variables
2020-06-16 02:06:23 -07:00
lsm_audit.c
dump_common_audit_data(): fix racy accesses to ->d_name
2021-01-19 18:27:29 +01:00
Makefile
device_cgroup: Cleanup cgroup eBPF device filter code
2020-04-13 14:41:54 -04:00
min_addr.c
sysctl: pass kernel pointers to ->proc_handler
2020-04-27 02:07:40 -04:00
security.c
lsm,selinux: pass flowi_common instead of flowi to the LSM hooks
2022-06-09 10:21:09 +02:00