[Midnightbsd-cvs] [MidnightBSD/src] 572505: linux: set AT_SECURE from exec credential state

Lucas Holt noreply at github.com
Wed Jun 10 20:16:33 EDT 2026


  Branch: refs/heads/stable/4.0
  Home:   https://github.com/MidnightBSD/src
  Commit: 572505c33fdc7cee2f4affbcb8ad9a3ecdb71e4d
      https://github.com/MidnightBSD/src/commit/572505c33fdc7cee2f4affbcb8ad9a3ecdb71e4d
  Author: Lucas Holt <luke at foolishgames.com>
  Date:   2026-06-10 (Wed, 10 Jun 2026)

  Changed paths:
    M sys/compat/linux/linux_elf.c

  Log Message:
  -----------
  linux: set AT_SECURE from exec credential state

Use image_params.credential_setid when constructing the Linux ELF auxiliary vector.  P_SUGID is not set until later in execve(2), so it cannot reliably indicate whether a Linux setuid or setgid binary needs secure runtime linker mode.

CVE-2026-49413

Obtained from: FreeBSD-SA-26:30.linux

AI-Assisted-by: OpenAI Codex (GPT-5)
Signed-off-by: Lucas Holt <luke at foolishgames.com>



To unsubscribe from these emails, change your notification settings at https://github.com/MidnightBSD/src/settings/notifications


More information about the Midnightbsd-cvs mailing list