unix: properly account for FDs passed over unix sockets (712f4aad) · Commits · Mirrors / git.kernel.org / pub_scm_linux_kernel_git_stable_linux · GitLab

Commit 712f4aad authored Jan 10, 2016 by

willy tarreau Committed by David S. Miller Jan 11, 2016

unix: properly account for FDs passed over unix sockets



It is possible for a process to allocate and accumulate far more FDs than
the process' limit by sending them over a unix socket then closing them
to keep the process' fd count low.

This change addresses this problem by keeping track of the number of FDs
in flight per user and preventing non-privileged processes from having
more FDs in flight than their configured FD limit.

Reported-by:  <socketpair@gmail.com>
Reported-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Mitigates: CVE-2013-4312 (Linux 2.0+)
Suggested-by: Linus Torvalds <torvalds@linux-foundation.org>
Acked-by: Hannes Frederic Sowa <hannes@stressinduktion.org>
Signed-off-by: Willy Tarreau <w@1wt.eu>
Signed-off-by: David S. Miller <davem@davemloft.net>

parent 3e4006f0

Hide whitespace changes

Inline Side-by-side

mirror @mirror
mentioned in commit b401d7e4
· Sep 20, 2023

mentioned in commit b401d7e4

mentioned in commit b401d7e485b0a234cf8fe9a6ae99dbcd20863138

Toggle commit list
mirror @mirror
mentioned in commit 9151ed4b
· Sep 20, 2023

mentioned in commit 9151ed4b

mentioned in commit 9151ed4b006125cba7c06c79df504340ea4e9386

Toggle commit list
mirror @mirror
mentioned in commit df97b5ea
· Sep 24, 2023

mentioned in commit df97b5ea

mentioned in commit df97b5ea9f3ac9308c3a633524dab382cd59d9e5

Toggle commit list
mirror @mirror
mentioned in commit 03d133df
· Sep 24, 2023

mentioned in commit 03d133df

mentioned in commit 03d133dfbcec9d439729cc64706c7eb6d1663a24

Toggle commit list
mirror @mirror
mentioned in commit adcf4e06
· Sep 24, 2023

mentioned in commit adcf4e06

mentioned in commit adcf4e069358cdee8593663650ea447215a1c49e

Toggle commit list

Please register or to comment