CVE-2021-46971 Information

Description

In the Linux kernel the following vulnerability has been resolved:

perf/core: Fix unconditional security_locked_down() call

Currently the lockdown state is queried unconditionally even though its result is used only if the PERF_SAMPLE_REGS_INTR bit is set in attr.sample_type. While that doesn’t matter in case of the Lockdown LSM it causes trouble with the SELinux’s lockdown hook implementation.

SELinux implements the locked_down hook with a check whether the current task’s type has the corresponding \lockdown\ class permission (\integrity\ or ## Reference https://git.kernel.org/stable/c/b246759284d6a2bc5b6f1009caeeb3abce2ec9ff https://git.kernel.org/stable/c/4348d3b5027bc3ff6336368b6c60605d4ef8e1ce https://git.kernel.org/stable/c/f5809ca4c311b71bfaba6d13f4e39eab0557895e https://git.kernel.org/stable/c/c7b0208ee370b89d20486fae71cd9abb759819c1 https://git.kernel.org/stable/c/08ef1af4de5fe7de9c6d69f1e22e51b66e385d9b