LUA: Fix CVE-2014-5461 - openzfs/zfs.git - Unnamed repository; edit this file 'description' to name the repository.

diff options

author	Richard Yao <[email protected]>	2022-09-27 19:44:13 -0400
committer	GitHub <[email protected]>	2022-09-27 16:44:13 -0700
commit	31b4e008f13fe00c5619fee06c6502d417448bd5 (patch)
tree	0b60549ac39f74bb15208340f91942f9c331c4fe /module/zfs/dsl_dataset.c
parent	fdc2d303710416868a05084e984fd8f231e948bd (diff)

LUA: Fix CVE-2014-5461

Apply the fix from upstream. http://www.lua.org/bugs.html#5.2.2-1 https://www.opencve.io/cve/CVE-2014-5461 It should be noted that exploiting this requires the `SYS_CONFIG` privilege, and anyone with that privilege likely has other opportunities to do exploits, so it is unlikely that bad actors could exploit this unless system administrators are executing untrusted ZFS Channel Programs. Reviewed-by: Brian Behlendorf <[email protected]> Signed-off-by: Richard Yao <[email protected]> Closes #13949

Diffstat (limited to 'module/zfs/dsl_dataset.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: