github-mirror/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux.git synced 2026-06-08 06:25:52 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity Graph
8534537d0b
linux/include
History
willy tarreau 5e226f9689 unix: properly account for FDs passed over unix sockets 
[ Upstream commit 712f4aad40 ]

It is possible for a process to allocate and accumulate far more FDs than
the process' limit by sending them over a unix socket then closing them
to keep the process' fd count low.

This change addresses this problem by keeping track of the number of FDs
in flight per user and preventing non-privileged processes from having
more FDs in flight than their configured FD limit.

Reported-by: socketpair@gmail.com
Reported-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Mitigates: CVE-2013-4312 (Linux 2.0+)
Suggested-by: Linus Torvalds <torvalds@linux-foundation.org>
Acked-by: Hannes Frederic Sowa <hannes@stressinduktion.org>
Signed-off-by: Willy Tarreau <w@1wt.eu>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2016-01-31 11:28:59 -08:00
..
acpi Merge branch 'acpi-pci' 2015-11-07 01:30:10 +01:00
asm-generic treewide: Remove old email address 2015-11-23 09:44:58 +01:00
clocksource
crypto Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security 2015-11-05 15:32:38 -08:00
drm drm/nouveau: Fix pre-nv50 pageflip events (v4) 2015-12-04 13:49:38 +10:00
dt-bindings ARM: DT updates for v4.4 2015-11-10 15:06:26 -08:00
keys
kvm KVM: arm/arm64: arch_timer: Preserve physical dist. active state on LR.active 2015-11-24 18:07:40 +01:00
linux unix: properly account for FDs passed over unix sockets 2016-01-31 11:28:59 -08:00
math-emu
media
memory
misc
net net: Propagate lookup failure in l3mdev_get_saddr to caller 2016-01-04 22:58:30 -05:00
pcmcia
ras
rdma IB/mad: Require CM send method for everything except ClassPortInfo 2015-12-08 12:19:11 -05:00
rxrpc
scsi Merge branch 'mkp-fixes' into fixes 2015-12-03 09:32:33 -08:00
soc ARM: SoC driver updates for v4.4 2015-11-10 15:00:03 -08:00
sound Merge remote-tracking branch 'asoc/fix/dapm' into asoc-linus 2016-01-05 23:07:32 +00:00
target target: Fix race for SCF_COMPARE_AND_WRITE_POST checking 2015-11-28 19:33:15 -08:00
trace Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/rzhang/linux 2015-11-11 09:03:01 -08:00
uapi Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2015-12-17 14:05:22 -08:00
video gpu: ipu-v3: drop unused dmfc field from client platform data 2015-11-24 11:30:15 +01:00
xen xen: Add RING_COPY_REQUEST() 2015-12-18 10:00:17 -05:00
Kbuild