Description
In the Linux kernel, the following vulnerability has been resolved: fs: Pass AT_GETATTR_NOSEC flag to getattr interface function When vfs_getattr_nosec() calls a filesystem's getattr interface function then the 'nosec' should propagate into this function so that vfs_getattr_nosec() can again be called from the filesystem's gettattr rather than vfs_getattr(). The latter would add unnecessary security checks that the initial vfs_getattr_nosec() call wanted to avoid. Therefore, introduce the getattr flag GETATTR_NOSEC and allow to pass with the new getattr_flags parameter to the getattr interface function. In overlayfs and ecryptfs use this flag to determine which one of the two functions to call. In a recent code change introduced to IMA vfs_getattr_nosec() ended up calling vfs_getattr() in overlayfs, which in turn called security_inode_getattr() on an exiting process that did not have current->fs set anymore, which then caused a kernel NULL pointer dereference. With this change the call to security_inode_getattr() can be avoided, thus avoiding the NULL pointer dereference.
INFO
Published Date :
2024-05-21T15:30:58.899Z
Last Modified :
2025-05-04T07:43:03.839Z
Source :
Linux
AFFECTED PRODUCTS
The following products are affected by CVE-2023-52779 vulnerability.
| Vendors | Products |
|---|---|
| Linux |
|
REFERENCES
Here, you will find a curated list of external links that provide in-depth information to CVE-2023-52779.
