]>
git.kernelconcepts.de Git - karo-tx-linux.git/commit
[PATCH] security/seclvl.c: fix time wrap (CVE-2005-4352)
initlvl=2 in seclvl gives the guarantee
"Cannot decrement the system time".
But it was possible to set the time to the maximum unixtime value
(19 Jan 2038) resulting in a wrap to the minimum value.
This patch fixes this by disallowing setting the time to any date
after 2030 with initlvl=2.
This patch does not apply to kernel 2.6.19 since the seclvl module was
already removed in this kernel.
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Chris Wright <chrisw@sous-sol.org>