Bug 488196 - kernel: selinux: selinux_netlbl_inode_permission() null pointer deref
kernel: selinux: selinux_netlbl_inode_permission() null pointer deref
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
All Linux
high Severity high
: ---
: ---
Assigned To: Red Hat Product Security
: Security
Depends On: 488200 488201 488202
  Show dependency treegraph
Reported: 2009-03-03 01:08 EST by Eugene Teo (Security Response)
Modified: 2016-03-04 06:10 EST (History)
12 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2009-03-05 20:33:42 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Upstream patch (1.33 KB, patch)
2009-03-03 01:15 EST, Eugene Teo (Security Response)
no flags Details | Diff

  None (edit)
Description Eugene Teo (Security Response) 2009-03-03 01:08:41 EST
Description of problem:
Rick McNeal from LSI identified a panic in selinux_netlbl_inode_permission() caused by a certain sequence of SUNRPC operations. The problem appears to be due to the lack of NULL pointer checking in the function; the patch for this issue adds the pointer checks so the function will exit safely in the cases where the socket is not completely initialized.
Comment 10 Eugene Teo (Security Response) 2009-03-05 20:33:42 EST
It appears that the problem is caused by the test case/out of tree code. The problem is not in the selinux or the netlabel code. Closing bugs.

Note You need to log in before you can comment on or make changes to this bug.