A vulnerability leading to a local privilege escalation was found in apparmor in the Linux kernel. When proc_pid_attr_write() was changed to use memdup_user apparmor's (interface violating) assumption that the setprocattr buffer was always a single page was violated. Upstream pull request: http://marc.info/?l=linux-kernel&m=146793642811929&w=2 Upstream fix: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=30a46a4647fd1df9cf52e43bf467f0d9265096ca References: http://seclists.org/oss-sec/2016/q3/30
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 1354385]
Statement: Red Hat Enterprise Linux is not affected by this flaw as CONFIG_SECURITY_APPARMOR is not enabled in any current shipping kernels.