r2728 - in trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian: . patches patches/series
maximilian attems
maks-guest@costa.debian.org
Wed, 16 Mar 2005 16:31:31 +0100
Author: maks-guest
Date: 2005-03-16 16:31:29 +0100 (Wed, 16 Mar 2005)
New Revision: 2728
Added:
trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/drivers-net-ppp_async-fix-dos.dpatch
Modified:
trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog
trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/series/2.6.8-15
Log:
backport ppp dos
Modified: trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog
===================================================================
--- trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog 2005-03-16 15:05:13 UTC (rev 2727)
+++ trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog 2005-03-16 15:31:29 UTC (rev 2728)
@@ -5,6 +5,8 @@
* Fix locking error in RCU. (Simon Horman) (closes: #280743)
+ * [Security] Fix remote dos on ppp servers. (Maximilian Attems)
+
-- Simon Horman <horms@debian.org> Wed, 16 Mar 2005 15:40:00 +0900
kernel-source-2.6.8 (2.6.8-14) unstable; urgency=high
Added: trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/drivers-net-ppp_async-fix-dos.dpatch
===================================================================
--- trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/drivers-net-ppp_async-fix-dos.dpatch 2005-03-16 15:05:13 UTC (rev 2727)
+++ trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/drivers-net-ppp_async-fix-dos.dpatch 2005-03-16 15:31:29 UTC (rev 2728)
@@ -0,0 +1,36 @@
+diff -Naru a/drivers/net/ppp_async.c b/drivers/net/ppp_async.c
+--- a/drivers/net/ppp_async.c 2005-03-16 07:23:04 -08:00
++++ b/drivers/net/ppp_async.c 2005-03-16 07:23:04 -08:00
+@@ -985,7 +985,7 @@
+ data += 4;
+ dlen -= 4;
+ /* data[0] is code, data[1] is length */
+- while (dlen >= 2 && dlen >= data[1]) {
++ while (dlen >= 2 && dlen >= data[1] && data[1] >= 2) {
+ switch (data[0]) {
+ case LCP_MRU:
+ val = (data[2] << 8) + data[3];
+# This is a BitKeeper generated diff -Nru style patch.
+#
+# ChangeSet
+# 2005/03/15 15:38:47-08:00 paulus@au1.ibm.com
+# [PATCH] CAN-2005-0384: Remote Linux DoS on ppp servers
+#
+# Martin Schulze writes:
+#
+# > Ben Martel and Stephen Blackheath have discovered a denial-of-service attack
+# > that a client of pppd can make that can hang the server machine. The bug is
+# > in the Linux kernel 2.6 (tested on 2.6.9), but it looks like it also exists
+# > in the 2.4 series.
+#
+# Yes, this is my bug. :(
+#
+# I would just do this instead:
+#
+# Signed-off-by: Chris Wright <chrisw@osdl.org>
+# Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+#
+# drivers/net/ppp_async.c
+# 2005/02/24 15:38:05-08:00 paulus@au1.ibm.com +1 -1
+# CAN-2005-0384: Remote Linux DoS on ppp servers
+#
Modified: trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/series/2.6.8-15
===================================================================
--- trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/series/2.6.8-15 2005-03-16 15:05:13 UTC (rev 2727)
+++ trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/series/2.6.8-15 2005-03-16 15:31:29 UTC (rev 2728)
@@ -1,2 +1,3 @@
+ radeon-race.dpatch
+ rcu-locking.dpatch
++ drivers-net-ppp_async-fix-dos.dpatch