Bug 1032435 - (CVE-2016-10318) VUL-1: CVE-2016-10318: kernel-source: A missing authorization check in the fscrypt_process_policy function in fs/crypto/policy.c in the ex...
Classification: Novell Products
Product: SUSE Security Incidents
Component: Incidents
Hardware: Other   OS: Other
Priority: P4 - Low   Severity: Normal
Assigned To: Security Team bot
Reported: 2017-04-05 06:55 UTC by Marcus Meissner
Modified: 2017-10-24 09:41 UTC (History)

Found By: Security Response Team


Description Marcus Meissner 2017-04-05 06:55:22 UTC

A missing authorization check in the fscrypt_process_policy function in
fs/crypto/policy.c in the ext4 and f2fs filesystem encryption support in the
Linux kernel before 4.7.4 allows a user to assign an encryption policy to a
directory owned by a different user, potentially creating a denial of service.
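
The description above boils down to one missing test on the policy-setting path. The block below is an added, constructed user-space model (not the kernel's fs/crypto/policy.c and not part of this bug report): the structs and function names are hypothetical, and owner_or_capable() mirrors the rule of the kernel helper inode_owner_or_capable(), owner or CAP_FOWNER. It shows the unchecked path beside the checked one so the ownership requirement is explicit.

```c
#include <stdbool.h>
#include <errno.h>

/* Constructed stand-in for the kernel inode: only the fields the check needs. */
struct model_inode {
    unsigned int i_uid;   /* owner of the directory */
    bool has_policy;      /* an encryption policy has been assigned */
};

/* Constructed stand-in for the calling task's credentials. */
struct model_cred {
    unsigned int fsuid;
    bool cap_fowner;      /* CAP_FOWNER: may act as the owner of any file */
};

/* Same rule as the kernel helper inode_owner_or_capable(): the caller must
 * own the inode or hold CAP_FOWNER. */
static bool owner_or_capable(const struct model_cred *c, const struct model_inode *ino)
{
    return c->fsuid == ino->i_uid || c->cap_fowner;
}

/* Unchecked variant: any user may assign a policy to any directory. */
int set_policy_unchecked(const struct model_cred *c, struct model_inode *dir)
{
    (void)c;              /* caller identity is never consulted */
    dir->has_policy = true;
    return 0;
}

/* Checked variant: authorization first, then the same work. */
int set_policy_checked(const struct model_cred *c, struct model_inode *dir)
{
    if (!owner_or_capable(c, dir))
        return -EACCES;   /* refuse before touching the directory */
    dir->has_policy = true;
    return 0;
}
```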

Comment 1 Marcus Meissner 2017-04-05 13:04:21 UTC
The code does not exist in our 4.4 kernel of SLES 12 SP2.
Comment 2 Jeff Mahoney 2017-04-20 19:18:23 UTC
The fscrypto versions don't exist, but the ext4 and f2fs versions do.

The good news is that they were already fixed via 4.4.22 in September.

They haven't been fixed in openSUSE 42.1, though.
Comment 3 Jeff Mahoney 2017-04-20 19:34:40 UTC
The f2fs code didn't exist in 4.1, so the fix is only ext4.

SLE11 SP4: unaffected (no vulnerability)
SLE12 GA/SP1: unaffected (no vulnerability)
SLE12 SP2/SP3: fixed (stable)
openSUSE 42.1: patch applied
openSUSE 42.2/42.3: fixed (stable, inherited via SLE12 SP2)
Tumbleweed: unaffected (fixed in upstream release older than current TW kernel release)
Comment 4 Bernhard Wiedemann 2017-05-02 10:01:34 UTC
This is an autogenerated message for OBS integration:
This bug (1032435) was mentioned in
https://build.opensuse.org/request/show/492423 42.1 / kernel-source
Comment 5 Swamp Workflow Management 2017-05-08 19:10:40 UTC
openSUSE-SU-2017:1215-1: An update that solves 8 vulnerabilities and has 7 fixes is now available.

Category: security (important)
Bug References: 1012829,1012876,1028415,1030213,1031003,1031052,1031440,1031579,1032435,1033336,1033340,1033518,1034670,930399,970083
CVE References: CVE-2016-10318,CVE-2017-2671,CVE-2017-7187,CVE-2017-7261,CVE-2017-7294,CVE-2017-7308,CVE-2017-7616,CVE-2017-7618
Sources used:
openSUSE Leap 42.1 (src):    kernel-debug-4.1.39-56.1, kernel-default-4.1.39-56.1, kernel-docs-4.1.39-56.2, kernel-ec2-4.1.39-56.1, kernel-obs-build-4.1.39-56.3, kernel-obs-qa-4.1.39-56.1, kernel-pae-4.1.39-56.1, kernel-pv-4.1.39-56.1, kernel-source-4.1.39-56.1, kernel-syms-4.1.39-56.1, kernel-vanilla-4.1.39-56.1, kernel-xen-4.1.39-56.1
Comment 6 Marcus Meissner 2017-10-24 09:41:07 UTC
all done