References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

Change History

In the Linux kernel, the following vulnerability has been resolved:

LSM: general protection fault in legacy_parse_param

The usual LSM hook "bail on fail" scheme doesn't work for cases where
a security module may return an error code indicating that it does not
recognize an input.  In this particular case Smack sees a mount option
that it recognizes, and returns 0. A call to a BPF hook follows, which
returns -ENOPARAM, which confuses the caller because Smack has processed
its data.

The SELinux

https://git.kernel.org/stable/c/00fc07fa0b4a004711b6e1a944f0d2e46f7093b7

https://git.kernel.org/stable/c/2784604c8c6fc523248f8f80a421c313a9d790b7

https://git.kernel.org/stable/c/cadae7c5e477aaafcba819b8e4a3d1c1a1503b62

https://git.kernel.org/stable/c/ddcdda888e14ca451b3ee83d11b65b2a9c8e783b

https://git.kernel.org/stable/c/ecff30575b5ad0eda149aadad247b7f75411fd47

https://git.kernel.org/stable/c/f3f93a1aaafc3032e0a9655fb43deccfb3e953a3