[Vivid][SRU][PATCH 0/1] seccomp: cap SECCOMP_RET_ERRNO data to MAX_ERRNO

Brad Figg brad.figg at canonical.com
Tue Sep 15 18:13:16 UTC 2015


BugLink: http://bugs.launchpad.net/bugs/1496073

The value resulting from the SECCOMP_RET_DATA mask could exceed MAX_ERRNO
when setting errno during a SECCOMP_RET_ERRNO filter action.  This makes
sure we have a reliable value being set, so that an invalid errno will not
be ignored by userspace.

Kees Cook (1):
  seccomp: cap SECCOMP_RET_ERRNO data to MAX_ERRNO

 kernel/seccomp.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

-- 
1.9.1





More information about the kernel-team mailing list