Eric Biggers wrote:
> @@ -135,6 +135,9 @@ int install_thread_keyring_to_cred(struct cred *new)
> {
> struct key *keyring;
>
> + if (new->thread_keyring)
> + return -EEXIST;
> +
> keyring = keyring_alloc("_tid", new->uid, new->gid, new,
>
Eric Biggers wrote:
> @@ -135,6 +135,9 @@ int install_thread_keyring_to_cred(struct cred *new)
> {
> struct key *keyring;
>
> + if (new->thread_keyring)
> + return -EEXIST;
> +
> keyring = keyring_alloc("_tid", new->uid, new->gid, new,
>
From: Eric Biggers
Running the following program as an unprivileged user exhausts kernel
memory by leaking thread keyrings:
#include
int main()
{
for (;;)
From: Eric Biggers
Running the following program as an unprivileged user exhausts kernel
memory by leaking thread keyrings:
#include
int main()
{
for (;;)
keyctl_set_reqkey_keyring(KEY_REQKEY_DEFL_THREAD_KEYRING);
}
Fix
4 matches
Mail list logo