Subject: Re: Fix for CVE-2016-7097 missing from linux-4.1.y
From: Ben Hutchings
To: Josh Hunt, Jan Kara
Cc: "Levin, Alexander", stable@vger.kernel.org
Date: Wed, 16 Nov 2016 18:00:54 +0000
Message-ID: <1479319254.16599.3.camel@decadent.org.uk>
In-Reply-To: <582C9DE4.5020608@akamai.com>
References: <5824FBC5.7060606@akamai.com> <20161111095824.GA2730@quack2.suse.cz> <1478919793.2622.19.camel@decadent.org.uk> <582C9DE4.5020608@akamai.com>

On Wed, 2016-11-16 at 11:56 -0600, Josh Hunt wrote:
> On 11/11/2016 09:03 PM, Ben Hutchings wrote:
> > On Fri, 2016-11-11 at 10:58 +0100, Jan Kara wrote:
> > > Hi!
> > >
> > > On Thu 10-11-16 16:59:17, Josh Hunt wrote:
> > > > You are the author of commit 073931017b49 ("posix_acl: Clear SGID bit when
> > > > setting file permissions") which has been identified to resolve
> > > > CVE-2016-7097, but is missing from linux-4.1.y.
> > > >
> > > > If you believe this commit should be part of linux-4.1.y can you please
> > > > reply with your approval for its inclusion?
> > >
> > > Yes, the problem exists all the way back, I believe since ACLs were
> > > introduced. Definitely exists in 3.0 which is the oldest version I've
> > > checked. The patch may need some massaging to apply which is why it didn't
> > > get into 4.1 I assume. And the backport will need a review because all
> > > filesystems supporting ACLs need to be handled where frankly I'm not quite
> > > sure the bug-severity / effort is worth it.
> >
> > I've attempted backports to 3.2 and 3.16, and will send those out for
> > review in the next few days.
> >
> > Ben.
>
> Jan/Ben
>
> Thanks for following up on this.
>
> Ben - I'll be on the lookout for those backports.

Here they are:

https://marc.info/?l=linux-kernel&m=147908961924568
https://marc.info/?l=linux-kernel&m=147909400125559

Ben.

-- 
Ben Hutchings
Time is nature's way of making sure that everything doesn't happen at once.