CaROS/meta-selinux
3
0
Fork 0
mirror of git://git.yoctoproject.org/meta-selinux synced 2026-01-01 13:58:04 +00:00
Code Issues Packages Projects Releases Wiki Activity

libsepol: Security fix CVE-2021-36085

Browse Source 
Source: https://github.com/SELinuxProject/selinux/
MR: 111857
Type: Security Fix
Disposition: Backport from 2d35fcc7e9
ChangeID: e50ae65189351ee618db2b278ba7105a5728e4c4
Description:

Affects: libsepol <= 3.2

Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
This commit is contained in:
Armin Kuster 2021-09-16 16:57:35 -07:00 committed by Joe MacDonald
parent 3525f5c3f4
commit 3846a1cc51
2 changed files with 40 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
recipes-security/selinux/libsepol/CVE-2021-36085.patch Normal file
View File

@ -0,0 +1,38 @@
From 2d35fcc7e9e976a2346b1de20e54f8663e8a6cba Mon Sep 17 00:00:00 2001
From: James Carter <jwcart2@gmail.com>
Date: Thu, 8 Apr 2021 13:32:04 -0400
Subject: [PATCH] libsepol/cil: Destroy classperm list when resetting map perms
Map perms share the same struct as regular perms, but only the
map perms use the classperms field. This field is a pointer to a
list of classperms that is created and added to when resolving
classmapping rules, so the map permission doesn't own any of the
data in the list and this list should be destroyed when the AST is
reset.
When resetting a perm, destroy the classperms list without destroying
the data in the list.
Signed-off-by: James Carter <jwcart2@gmail.com>
Upstream-Status: Backport
CVE: CVE-2021-36085
Signed-off-by: Armin Kuster <akuster@mvista.com>
---
libsepol/cil/src/cil_reset_ast.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
Index: libsepol-3.0/cil/src/cil_reset_ast.c
===================================================================
--- libsepol-3.0.orig/cil/src/cil_reset_ast.c
+++ libsepol-3.0/cil/src/cil_reset_ast.c
@@ -34,7 +34,7 @@ static void cil_reset_class(struct cil_c
static void cil_reset_perm(struct cil_perm *perm)
{
- cil_reset_classperms_list(perm->classperms);
+ cil_list_destroy(&perm->classperms, CIL_FALSE);
}
static inline void cil_reset_classperms(struct cil_classperms *cp)

3
recipes-security/selinux/libsepol_3.2.bb
View File

@ -9,7 +9,8 @@ LIC_FILES_CHKSUM = "file://${S}/COPYING;md5=a6f89e2100d9b6cdffcea4f398e37343"
require selinux_common.inc
SRC_URI += "file://CVE-2021-36084.patch"
SRC_URI += "file://CVE-2021-36084.patch \
file://CVE-2021-36085.patch "
inherit lib_package