git.karo-electronics.de Git - karo-tx-linux.git/commit

author	Eric Dumazet <edumazet@google.com>
	Tue, 21 Aug 2012 06:21:17 +0000 (06:21 +0000)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Tue, 2 Oct 2012 17:38:55 +0000 (10:38 -0700)
commit	7d34ab836a0130db7643b55eb8713726ef704b52
tree	7857fb34cb64f6d93d2deb339acb833bab0a8949	tree \| snapshot
parent	c182b9556632ce565dc7ecbb49759334628f75bb	commit \| diff

af_netlink: force credentials passing [CVE-2012-3520]

[ Upstream commit e0e3cea46d31d23dc40df0a49a7a2c04fe8edfea ]

Pablo Neira Ayuso discovered that avahi and
potentially NetworkManager accept spoofed Netlink messages because of a
kernel bug. The kernel passes all-zero SCM_CREDENTIALS ancillary data
to the receiver if the sender did not provide such data, instead of not
including any such data at all or including the correct data from the
peer (as it is the case with AF_UNIX).

This bug was introduced in commit 16e572626961
(af_unix: dont send SCM_CREDENTIALS by default)

This patch forces passing credentials for netlink, as
before the regression.

Another fix would be to not add SCM_CREDENTIALS in
netlink messages if not provided by the sender, but it
might break some programs.

With help from Florian Weimer & Petr Matousek

This issue is designated as CVE-2012-3520

Signed-off-by: Eric Dumazet <edumazet@google.com>
Cc: Petr Matousek <pmatouse@redhat.com>
Cc: Florian Weimer <fweimer@redhat.com>
Cc: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

include/net/scm.h		diff \| blob \| history
net/netlink/af_netlink.c		diff \| blob \| history
net/unix/af_unix.c		diff \| blob \| history