summaryrefslogtreecommitdiff
path: root/security
AgeCommit message (Expand)Author
2021-03-03KEYS: trusted: Fix migratable=1 failingJarkko Sakkinen
2021-01-23dump_common_audit_data(): fix racy accesses to ->d_nameAl Viro
2020-10-29ima: Don't ignore errors from crypto_shash_update()Roberto Sassu
2020-10-01selinux: sel_avc_get_stat_idx should increase position indexVasily Averin
2020-08-21Smack: prevent underflow in smk_set_cipso()Dan Carpenter
2020-08-21Smack: fix another vsscanf out of boundsDan Carpenter
2020-08-21Smack: fix use-after-free in smk_write_relabel_self()Eric Biggers
2020-08-21nfs: Move call to security_inode_listsecurity into nfs_listxattrAndreas Gruenbacher
2020-06-29selinux: fix double freeTom Rix
2020-06-20ima: Directly assign the ima_default_policy pointer to ima_rulesRoberto Sassu
2020-06-20ima: Fix ima digest hash table key calculationKrzysztof Struczynski
2020-06-20Smack: slab-out-of-bounds in vsscanfCasey Schaufler
2020-06-03exec: Always set cap_ambient in cap_bprm_set_credsEric W. Biederman
2020-05-27evm: Check also if *tfm is an error pointer in init_desc()Roberto Sassu
2020-05-05selinux: properly handle multiple messages in selinux_netlink_send()Paul Moore
2020-04-24KEYS: reaching the keys quotas correctlyYang Xu
2020-02-28selinux: ensure we cleanup the internal AVC counters on error in avc_update()Jaihind Yadav
2019-11-25apparmor: fix module parameters can be changed after policy is lockedJohn Johansen
2019-11-25apparmor: fix update the mtime of the profile file on replacementJohn Johansen
2019-11-25apparmor: fix uninitialized lsm_audit memberJohn Johansen
2019-10-17ima: always return negative code for errorSascha Hauer
2019-10-07smack: use GFP_NOFS while holding inode_smack::smk_lockEric Biggers
2019-10-07Smack: Don't ignore other bprm->unsafe flags if LSM_UNSAFE_PTRACE is setJann Horn
2019-10-07security: smack: Fix possible null-pointer dereferences in smack_socket_sock_...Jia-Ju Bai
2019-09-21keys: Fix missing null pointer check in request_key_auth_describe()Hillf Danton
2019-08-06selinux: fix memory leak in policydb_init()Ondrej Mosnacek
2019-07-10apparmor: enforce nullbyte at end of tag stringJann Horn
2019-05-16selinux: never allow relabeling on context mountsOndrej Mosnacek
2019-04-27device_cgroup: fix RCU imbalance in error caseJann Horn
2019-03-23missing barriers in some of unix_sock ->addr and ->path accessesAl Viro
2019-03-23KEYS: restrict /proc/keys by credentials at open timeEric Biggers
2019-03-23KEYS: always initialize keyring_index_key::desc_lenEric Biggers
2019-03-23KEYS: allow reaching the keys quotas exactlyEric Biggers
2019-02-20smack: fix access permissions for keyringZoran Markovic
2019-01-26selinux: fix GPF on invalid policyStephen Smalley
2019-01-26LSM: Check for NULL cred-security on freeJames Morris
2019-01-26Yama: Check for pid death before checking ancestryKees Cook
2018-12-17mm: replace get_user_pages() write/force parameters with gup_flagsLorenzo Stoakes
2018-11-21ima: fix showing large 'violations' or 'runtime_measurements_count'Eric Biggers
2018-11-10KEYS: put keyring if install_session_keyring_to_cred() failsEric Biggers
2018-09-19selinux: use GFP_NOWAIT in the AVC kmem_cachesMichal Hocko
2018-08-24Smack: Mark inode instant in smack_task_to_inodeCasey Schaufler
2018-06-06selinux: KASAN: slab-out-of-bounds in xattr_getsecuritySachin Grover
2018-06-06Revert "ima: limit file hash setting by user to fix and log modes"Mimi Zohar
2018-05-30ima: Fallback to the builtin hash algorithmPetr Vorel
2018-05-30ima: Fix Kconfig to select TPM 2.0 CRB interfaceJiandi An
2018-04-13selinux: do not check open permission on socketsStephen Smalley
2018-04-08selinux: Remove redundant check for unknown labeling behaviorMatthias Kaehlcke
2018-04-08selinux: Remove unnecessary check of array base in selinux_set_mapping()Matthias Kaehlcke
2018-03-22ima: relax requiring a file signature for new files with zero lengthMimi Zohar