
linux-aws: Deprecate a.out file format support to fix CVE-2019-11191

CVE-2019-11190 and CVE-2019-11191 are two vulnerabilities of the same
type that affect elf and a.out binaries respectively. The elf code has
been fixed long ago, but the upstream fix for binfmt_aout.c doesn't
seem to be available yet.

We should simply drop support for a.out in our kernels since it is an
ancient format and its deprecation is already underway in mainline
kernel [1]. (Almost everyone uses elf these days.)

So unset CONFIG_IA32_AOUT from linux-aws's kernel config.

[1]. https://github.com/torvalds/linux/commit/08300f4402abc0eb3bc9c91b27a529836710d32d

Change-Id: I664194422144ccbc0c19362ed4828a65f9791048
Reviewed-on: http://photon-jenkins.eng.vmware.com:8082/7287
Tested-by: gerrit-photon <photon-checkins@vmware.com>
Reviewed-by: Srinidhi Rao <srinidhir@vmware.com>
(cherry picked from commit 76e4835b017fa33399ae1c2f374f4a06e0840b61)
Reviewed-on: http://photon-jenkins.eng.vmware.com:8082/7320
Reviewed-by: Srivatsa S. Bhat <srivatsab@vmware.com>

Srivatsa S. Bhat (VMware) authored on 2019/05/24 07:38:15
Showing 2 changed files
@@ -1,6 +1,6 @@
1 1
 #
2 2
 # Automatically generated file; DO NOT EDIT.
3
-# Linux/x86 4.19.26 Kernel Configuration
3
+# Linux/x86 4.19.40 Kernel Configuration
4 4
 #
5 5
 
6 6
 #
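Review bot: The header change from "4.19.26" to "4.19.40" in this hunk is a side effect of regenerating the config file against the current 4.19.40 tree, not part of the CVE fix; it is harmless, but the commit message only mentions unsetting CONFIG_IA32_AOUT, so a one-line note that the config header was refreshed would keep the diff self-explanatory.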
@@ -626,7 +626,7 @@ CONFIG_AMD_NB=y
626 626
 # Binary Emulations
627 627
 #
628 628
 CONFIG_IA32_EMULATION=y
629
-CONFIG_IA32_AOUT=m
629
+# CONFIG_IA32_AOUT is not set
630 630
 # CONFIG_X86_X32 is not set
631 631
 CONFIG_COMPAT_32=y
632 632
 CONFIG_COMPAT=y
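Review bot: Because the option was previously built as a module (`CONFIG_IA32_AOUT=m`) rather than built in, confirm that nothing in the package or in boot-time module lists still expects a `binfmt_aout` module to exist; with `# CONFIG_IA32_AOUT is not set` no such module is produced, and any a.out binary will simply fail at execve with ENOEXEC. A quick post-build check of the generated .config (`grep CONFIG_IA32_AOUT`) in the build pipeline would catch a future config regeneration silently re-enabling it.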
@@ -2,7 +2,7 @@
2 2
 Summary:        Kernel
3 3
 Name:           linux-aws
4 4
 Version:        4.19.40
5
-Release:        2%{?kat_build:.%kat_build}%{?dist}
5
+Release:        3%{?kat_build:.%kat_build}%{?dist}
6 6
 License:    	GPLv2
7 7
 URL:        	http://www.kernel.org/
8 8
 Group:        	System Environment/Kernel
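Review bot: The Release bump from 2 to 3 is consistent with the new `%changelog` entry for 4.19.40-3; nothing further needed here.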
@@ -360,6 +360,8 @@ ln -sf %{name}-%{uname_r}.cfg /boot/photon.cfg
360 360
 %{_libdir}/perf/include/bpf/*
361 361
 
362 362
 %changelog
363
+*   Thu May 23 2019 Srivatsa S. Bhat (VMware) <srivatsa@csail.mit.edu> 4.19.40-3
364
+-   Fix CVE-2019-11191 by deprecating a.out file format support.
363 365
 *   Tue May 14 2019 Keerthana K <keerthanak@vmware.com> 4.19.40-2
364 366
 -   Fix to parse through /boot folder and update symlink (/boot/photon.cfg) if
365 367
 -   mulitple kernels are installed and current linux kernel is removed.
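Review bot: "deprecating" in the new changelog line understates what the package does: the option is turned off outright, so a.out executables no longer run on this kernel at all. "Disabling a.out file format support" would describe the change accurately for anyone reading the changelog later. The pre-existing typo "mulitple" on the unchanged context line could be fixed in a follow-up.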
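The config check a packager would want after a change like this, as an added example that is not code from the Photon OS project or this commit: a POSIX shell script that audits a kernel .config for a.out support (CONFIG_IA32_AOUT on x86_64 compat builds, CONFIG_BINFMT_AOUT on 32-bit ones) and checks whether `binfmt_aout` is loaded on a running host. The sample configs and the /proc/modules line are constructed, and the function names are my own.

```shell
#!/bin/sh
# Added example (not part of the Photon OS commit): audit a kernel .config
# for a.out executable support. CONFIG_IA32_AOUT is the x86_64 compat option
# this commit unsets; CONFIG_BINFMT_AOUT is the equivalent on 32-bit builds.
# Prints "enabled:CONFIG_...=<y|m>" for each live option, else "disabled".
# Returns 1 when a.out support is still built in or built as a module.
aout_config_state() {
    config="$1"
    hits=$(grep -E '^CONFIG_(IA32_AOUT|BINFMT_AOUT)=(y|m)$' "$config" || true)
    if [ -n "$hits" ]; then
        printf '%s\n' "$hits" | sed 's/^/enabled:/'
        return 1
    fi
    echo disabled
    return 0
}

# Runtime companion: is the binfmt_aout module currently loaded?
# $1 is a /proc/modules-style file (defaults to the real /proc/modules).
aout_module_loaded() {
    modules="${1:-/proc/modules}"
    grep -q '^binfmt_aout ' "$modules" 2>/dev/null
}

# Constructed sample inputs mirroring the before/after state of this change.
make_samples() {
    dir="$1"
    printf '%s\n' '# Automatically generated file; DO NOT EDIT.' \
        'CONFIG_IA32_EMULATION=y' 'CONFIG_IA32_AOUT=m' > "$dir/before.config"
    printf '%s\n' '# Automatically generated file; DO NOT EDIT.' \
        'CONFIG_IA32_EMULATION=y' '# CONFIG_IA32_AOUT is not set' > "$dir/after.config"
    # Constructed /proc/modules line; the size and address are placeholders.
    printf '%s\n' 'binfmt_aout 16384 0 - Live 0xffffffffc0000000' > "$dir/modules"
}

# Demo run, only when AOUT_CHECK_DEMO=1 is set in the environment.
if [ "${AOUT_CHECK_DEMO:-}" = 1 ]; then
    d=$(mktemp -d); make_samples "$d"
    for f in "$d/before.config" "$d/after.config"; do
        printf '%s: ' "$f"; aout_config_state "$f" || true
    done
    rm -rf "$d"
fi
```

Point `aout_config_state` at the kernel's generated .config in the build tree to gate the package build; the non-zero exit is what a CI step should fail on.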