Hi James,
Can you pull these patches please and pass them on to Linus? They include
the following:
(1) Fix a buffer overflow when displaying /proc/keys [CVE-2016-7042].
(2) Fix broken initialisation in the big_key implementation that can
result in an oops.
(3) Make big_key depend on having a random number generator available in
Kconfig.
The patches can be found here also:
http://git.kernel.org/cgit/linux/kernel/git/dhowells/linux-fs.git/log/?h=keys-fixes
Tagged thusly:
git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git
keys-fixes-20161026
David
---
Artem Savkov (1):
security/keys: make BIG_KEYS dependent on stdrng.
David Howells (2):
KEYS: Fix short sprintf buffer in /proc/keys show function
KEYS: Sort out big_key initialisation
security/keys/Kconfig | 2 +-
security/keys/big_key.c | 59 +++++++++++++++++++++++++----------------------
security/keys/proc.c | 2 +-
3 files changed, 34 insertions(+), 29 deletions(-)
