iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
linux/security
History
Huaxin Lu 388f3df7c3 ima: Fix a potential integer overflow in ima_appraise_measurement 
[ Upstream commit d2ee2cfc4aa85ff6a2a3b198a3a524ec54e3d999 ]

When the ima-modsig is enabled, the rc passed to evm_verifyxattr() may be
negative, which may cause the integer overflow problem.

Fixes: 39b07096364a ("ima: Implement support for module-style appended signatures")
Signed-off-by: Huaxin Lu <luhuaxin1@huawei.com>
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2022-07-21 20:59:19 +02:00
..
apparmor
apparmor: fix error check
2021-11-17 09:48:44 +01:00
integrity
ima: Fix a potential integer overflow in ima_appraise_measurement
2022-07-21 20:59:19 +02:00
keys
KEYS: fix length validation in keyctl_pkey_params_get_2()
2022-04-15 14:17:58 +02:00
loadpin
proc/sysctl: add shared variables for range check
2019-07-18 17:08:07 -07:00
lockdown
lockdown: also lock down previous kgdb use
2022-06-06 08:33:48 +02:00
safesetid
LSM: SafeSetID: Stop releasing uninitialized ruleset
2019-09-17 11:27:05 -07:00
selinux
selinux: use correct type for context length
2022-04-15 14:18:22 +02:00
smack
Fix incorrect type in assignment of ipv6 port for audit
2022-04-15 14:18:22 +02:00
tomoyo
TOMOYO: fix __setup handlers return values
2022-04-15 14:18:13 +02:00
yama
proc/sysctl: add shared variables for range check
2019-07-18 17:08:07 -07:00
commoncap.c
security: commoncap: fix -Wstringop-overread warning
2021-05-11 14:04:16 +02:00
device_cgroup.c
device_cgroup: Fix RCU list debugging warning
2020-10-01 13:18:13 +02:00
inode.c
Merge branch 'work.mount0' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2019-07-19 10:42:02 -07:00
Kconfig
fortify: Explicitly disable Clang support
2021-11-21 13:38:50 +01:00
Kconfig.hardening
meminit fix
2019-07-28 12:33:15 -07:00
lsm_audit.c
dump_common_audit_data(): fix racy accesses to ->d_name
2021-01-19 18:26:16 +01:00
Makefile
security: Add a static lockdown policy LSM
2019-08-19 21:54:15 -07:00
min_addr.c
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
security.c
LSM: general protection fault in legacy_parse_param
2022-04-15 14:18:21 +02:00