Description: selinux: fix off-by-one in setprocattr 
References:
Notes:
 carnil> Possibly introduced in 3.5-rc1 with d6ea83ec6864e9297fa8b00ec3dae183413a90e3
 bwh> The off-by-one error was introduced in Linux 2.6.12 (just before
 bwh> the switch to git), as a (very minor) information leak.  The above
 bwh> commit increased the security impact - writing exactly "\n" can
 bwh> result in a buffer under-read and oops, which is what this CVE
 bwh> describes.  Later, commit bb646cdb12e7 "proc_pid_attr_write():
 bwh> switch to memdup_user()" reduced the buffer size so there is also
 bwh> a buffer over-read.  However, I think that has no additional impact
 bwh> since even SLOB pads heap allocations to at least 2 bytes.
Bugs:
upstream: released (4.10-rc8) [0c461cb727d146c9ef2d3e86214f498b78b7d125]
4.9-upstream-stable: released (4.9.10) [6cbaf7b94373743deb42fd410173aab81f8945fe]
3.16-upstream-stable: released (3.16.41) [selinux-fix-off-by-one-in-setprocattr.patch]
3.2-upstream-stable: N/A "Vulnerable code not present"
sid: released (4.9.10-1)
3.16-jessie-security: released (3.16.39-1+deb8u1) [bugfix/all/selinux-fix-off-by-one-in-setprocattr.patch]
3.2-wheezy-security: N/A "Vulnerable code not present"