Home Home > GIT Browse
summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorBorislav Petkov <bp@suse.de>2019-10-16 17:22:00 +0200
committerBorislav Petkov <bp@suse.de>2019-10-16 17:22:00 +0200
commit6bf43c02a38978453a3c51da0bb9947e98554ffc (patch)
treeae7f51b3a6aa7b55021c74b71963684d23dde978
parent73bcd24ca4175c91a3907a85b55689fede1cb22d (diff)
nfc: enforce CAP_NET_RAW for raw sockets (bsc#1152788
CVE-2019-17056).
-rw-r--r--patches.suse/nfc-enforce-cap_net_raw-for-raw-sockets.patch39
-rw-r--r--series.conf1
2 files changed, 40 insertions, 0 deletions
diff --git a/patches.suse/nfc-enforce-cap_net_raw-for-raw-sockets.patch b/patches.suse/nfc-enforce-cap_net_raw-for-raw-sockets.patch
new file mode 100644
index 0000000000..6b5cb0977f
--- /dev/null
+++ b/patches.suse/nfc-enforce-cap_net_raw-for-raw-sockets.patch
@@ -0,0 +1,39 @@
+From: Ori Nimron <orinimron123@gmail.com>
+Date: Fri, 20 Sep 2019 09:35:49 +0200
+Subject: nfc: enforce CAP_NET_RAW for raw sockets
+Git-commit: 3a359798b176183ef09efb7a3dc59abad1cc7104
+Patch-mainline: v5.4-rc1
+References: bsc#1152788 CVE-2019-17056
+
+When creating a raw AF_NFC socket, CAP_NET_RAW needs to be checked
+first.
+
+Signed-off-by: Ori Nimron <orinimron123@gmail.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+Signed-off-by: David S. Miller <davem@davemloft.net>
+Acked-by: Borislav Petkov <bp@suse.de>
+---
+ net/nfc/llcp_sock.c | 7 +++++--
+ 1 file changed, 5 insertions(+), 2 deletions(-)
+
+diff --git a/net/nfc/llcp_sock.c b/net/nfc/llcp_sock.c
+index 9b8742947aff..8dfea26536c9 100644
+--- a/net/nfc/llcp_sock.c
++++ b/net/nfc/llcp_sock.c
+@@ -1004,10 +1004,13 @@ static int llcp_sock_create(struct net *net, struct socket *sock,
+ sock->type != SOCK_RAW)
+ return -ESOCKTNOSUPPORT;
+
+- if (sock->type == SOCK_RAW)
++ if (sock->type == SOCK_RAW) {
++ if (!capable(CAP_NET_RAW))
++ return -EPERM;
+ sock->ops = &llcp_rawsock_ops;
+- else
++ } else {
+ sock->ops = &llcp_sock_ops;
++ }
+
+ sk = nfc_llcp_sock_alloc(sock, sock->type, GFP_ATOMIC, kern);
+ if (sk == NULL)
+
diff --git a/series.conf b/series.conf
index 48747f1d24..a863faece9 100644
--- a/series.conf
+++ b/series.conf
@@ -50337,6 +50337,7 @@
patches.suse/powerpc-book3s64-mm-Don-t-do-tlbie-fixup-for-some-ha.patch
patches.suse/powerpc-book3s64-radix-Rename-CPU_FTR_P9_TLBIE_BUG-f.patch
patches.suse/powerpc-mm-Fixup-tlbie-vs-mtpidr-mtlpidr-ordering-is.patch
+ patches.suse/nfc-enforce-cap_net_raw-for-raw-sockets.patch
patches.suse/net-ibmvnic-unlock-rtnl_lock-in-reset-so-linkwatch_e.patch
patches.suse/net-ibmvnic-prevent-more-than-one-thread-from-runnin.patch
patches.suse/ppp-Fix-memory-leak-in-ppp_write.patch