UBUNTU: CVE-2007-3848
Reset current->pdeath_signal on SUID binary execution
This fixes a vulnerability in the "parent process death signal"
implementation discoverd by Wojciech Purczynski of COSEINC PTE Ltd.
and iSEC Security Research.
On the SCSI layer ioctl path there is no implicit permissions check for
ioctls (and indeed other drivers implement unprivileged ioctls). aacraid
however allows all sorts of very admin only things to be done so should
check.
Signed-off-by: Alan Cox <email address hidden>
Acked-by: Mark Salyzyn <email address hidden>
Signed-off-by: Linus Torvalds <email address hidden>
This 965G and above chipsets moved the batch buffer non-secure bits to
another place. This means that previous drm's allowed in-secure batchbuffers
to be submitted to the hardware from non-privileged users who are logged
into X and and have access to direct rendering.
Signed-off-by: Dave Airlie <email address hidden>
Signed-off-by: Linus Torvalds <email address hidden>
(cherry picked from commit 21f16289270447673a7263ccc0b22d562fb01ecb)