[Midnightbsd-cvs] [MidnightBSD/src] 5b92e2: linux: set AT_SECURE from exec credential state

Lucas Holt noreply at github.com
Wed Jun 10 20:16:16 EDT 2026


  Branch: refs/heads/stable/4.1
  Home:   https://github.com/MidnightBSD/src
  Commit: 5b92e28ab6c94a9ebb0f4b5b6a7e53b41863e915
      https://github.com/MidnightBSD/src/commit/5b92e28ab6c94a9ebb0f4b5b6a7e53b41863e915
  Author: Lucas Holt <luke at foolishgames.com>
  Date:   2026-06-10 (Wed, 10 Jun 2026)

  Changed paths:
    M sys/compat/linux/linux_elf.c

  Log Message:
  -----------
  linux: set AT_SECURE from exec credential state

Use image_params.credential_setid when constructing the Linux ELF auxiliary vector.  P_SUGID is not set until later in execve(2), so it cannot reliably indicate whether a Linux setuid or setgid binary needs secure runtime linker mode.

CVE-2026-49413

Obtained from: FreeBSD-SA-26:30.linux

AI-Assisted-by: OpenAI Codex (GPT-5)
Signed-off-by: Lucas Holt <luke at foolishgames.com>



To unsubscribe from these emails, change your notification settings at https://github.com/MidnightBSD/src/settings/notifications


More information about the Midnightbsd-cvs mailing list