proc: Check /proc/$pid/attr/ writes against file opener
stable inclusion from linux-4.19.193 commit 582a9b9813ecc89a3b5944ea412f383d02904c50 -------------------------------- commit bfb819ea upstream. Fix another "confused deputy" weakness[1]. Writes to /proc/$pid/attr/ files need to check the opener credentials, since these fds do not transition state across execve(). Without this, it is possible to trick another process (which may have different credentials) to write to its own /proc/$pid/attr/ files, leading to unexpected and possibly exploitable behaviors. [1] https://www.kernel.org/doc/html/latest/security/credentials.html?highlight=confused#open-file-credentials Fixes: 1da177e4 ("Linux-2.6.12-rc2") Cc: stable@vger.kernel.org Signed-off-by:Kees Cook <keescook@chromium.org> Signed-off-by:
Loading
Please sign in to comment