A buffer overflow flaw was found in the way the Linux kernel's eCryptfs implementation decoded encrypted file names.
A local, unprivileged user could use this flaw to crash the system or, potentially, escalate their privileges on the system.
This issue did not affect versions of the Linux kernel as shipped with Red Hat Enterprise Linux 5 and 7; and kernel-rt packages as shipped with Red Hat Enterprise MRG 2 and Red Hat Enterprise Linux 7.
This issue has been addressed in the following products:
Red Hat Enterprise Linux 6
Via RHSA-2015:1272 https://rhn.redhat.com/errata/RHSA-2015-1272.html
(In reply to Wade Mealing from comment #2)
> This issue did not affect versions of the Linux kernel as shipped with Red
> Hat Enterprise Linux 5 and 7; and kernel-rt packages as shipped with Red Hat
> Enterprise MRG 2 and Red Hat Enterprise Linux 7.
why not did affect to rhel 7, it has the seam code with rhel 6?
dst[dst_byte_offset++] |= (src_byte);
dst[dst_byte_offset] = 0;
current_bit_offset = 0;
You're correct it does seem to have the same code as EL6, however the encryptfs code is not enabled on EL7.
You may see some similarly named CONFIG_ECRYPT_FS functions in the kernel are not included to be built.
[wmealing@work-desktop linux-3.10.0-229.el6.x86_64]$ cat .config |grep ECRYPT
# CONFIG_ECRYPT_FS is not set
You may however see similarly named symbols in the kernel:
[root@unused-9-133 ~]# cat /proc/kallsyms |grep ecryptfs_|head -n 3
ffffffff81266f70 T ecryptfs_get_auth_tok_key
ffffffff81266f90 T ecryptfs_get_versions
ffffffff81266fc0 T ecryptfs_fill_auth_tok
But these are helper functions generated by CONFIG_ENCRYPTED_KEYS kernel config options, not be encryptfs itself.
If you have any further options, please open a ticket with a Red Hat support staff member.