xfs/setgid rewrite in 5.10 was Re: [cip-dev] New CVE entries this week

Pavel Machek


It's this week's CVE report.

This week reported 6 new CVEs and 2 updated CVEs.

* New CVEs
There is something going on with xfs/chown/setgit and probably
overlayfs. These are from 5.10.176 review:

|73894b749 e014f3 o: 5.10| xfs: use setattr_copy to set vfs inode attributes
|be9c3268a 2b3416 o: 5.10| fs: add mode_strip_sgid() helper
|5b02d54d5 1639a4 o: 5.10| fs: move S_ISGID stripping into the vfs_*() helpers
|b5eea92ad 11c2a8 o: 5.10| attr: add in_group_or_capable()
|9a856d215 e243e3 o: 5.10| fs: move should_remove_suid()
|bba459793 72ae01 o: 5.10| attr: add setattr_should_drop_sgid()
|c2abc5886 ed5a70 o: 5.10| attr: use consistent sgid stripping checks
|215bf9f27 8d84e3 o: 5.10| fs: use consistent setgid checks in is_sxid()
|1c7588d55 b0463b o: 5.10| xfs: remove xfs_setattr_time() declaration

If you are using xfs or overlayfs, you may want to investigate.

If someone has corresponding CVE entry, that would be nice, too.

Best regards,

DENX Software Engineering GmbH, Managing Director: Wolfgang Denk
HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany