CVE Published: 21/05/2024 |
CVE Updated: 06/11/2024 |
CVE Year: 2023 Source: Linux |
Vendor: Linux |
Product: Linux Status : PUBLISHED
CVE-2023-52779 Description
In the Linux kernel, the following vulnerability has been resolved:
fs: Pass AT_GETATTR_NOSEC flag to getattr interface function
When vfs_getattr_nosec() calls a filesystem\'s getattr interface function
then the \'nosec\' should propagate into this function so that
vfs_getattr_nosec() can again be called from the filesystem\'s gettattr
rather than vfs_getattr(). The latter would add unnecessary security
checks that the initial vfs_getattr_nosec() call wanted to avoid.
Therefore, introduce the getattr flag GETATTR_NOSEC and allow to pass
with the new getattr_flags parameter to the getattr interface function.
In overlayfs and ecryptfs use this flag to determine which one of the
two functions to call.
In a recent code change introduced to IMA vfs_getattr_nosec() ended up
calling vfs_getattr() in overlayfs, which in turn called
security_inode_getattr() on an exiting process that did not have
current->fs set anymore, which then caused a kernel NULL pointer
dereference. With this change the call to security_inode_getattr() can
be avoided, thus avoiding the NULL pointer dereference.