[kernel] r4877 - dists/sid/linux-2.6/debian
dists/sid/linux-2.6/debian/patches-debian
dists/sid/linux-2.6/debian/patches-debian/series patch-tracking
Simon Horman
horms at costa.debian.org
Thu Nov 24 06:56:48 UTC 2005
Author: horms
Date: Thu Nov 24 06:56:44 2005
New Revision: 4877
Added:
dists/sid/linux-2.6/debian/patches-debian/mm-invalidate_inode_pages2-overflow.patch
patch-tracking/mm-invalidate_inode_pages2-overflow.patch
- copied, changed from r4876, patch-tracking/00boilerplate
Modified:
dists/sid/linux-2.6/debian/changelog
dists/sid/linux-2.6/debian/patches-debian/series/2.6.14-4
patch-tracking/CVE-2005-2100
Log:
[SECURITY] 32bit integer overflow in invalidate_inode_pages2() (local DoS)
Modified: dists/sid/linux-2.6/debian/changelog
==============================================================================
--- dists/sid/linux-2.6/debian/changelog (original)
+++ dists/sid/linux-2.6/debian/changelog Thu Nov 24 06:56:44 2005
@@ -8,8 +8,10 @@
[ Simon Horman ]
* Enable MKISS globally (closes: #340215)
+ * mm-invalidate_inode_pages2-overflow.patch
+ [SECURITY] 32bit integer overflow in invalidate_inode_pages2() (local DoS)
- -- Simon Horman <horms at debian.org> Tue, 22 Nov 2005 10:46:22 +0900
+ -- Simon Horman <horms at debian.org> Thu, 24 Nov 2005 15:30:58 +0900
linux-2.6 (2.6.14-3) unstable; urgency=low
Added: dists/sid/linux-2.6/debian/patches-debian/mm-invalidate_inode_pages2-overflow.patch
==============================================================================
--- (empty file)
+++ dists/sid/linux-2.6/debian/patches-debian/mm-invalidate_inode_pages2-overflow.patch Thu Nov 24 06:56:44 2005
@@ -0,0 +1,37 @@
+commit 479ef592f3664dd629417098c8599261c0f689ab
+tree 616270b5c79cc3ef5f1fba683f1913f4bea74f47
+parent 02b7068221eed702a37527fa2da4d63a27b3126a
+author Oleg Drokin <green at linuxhacker.ru> Wed, 23 Nov 2005 13:37:47 -0800
+committer Linus Torvalds <torvalds at g5.osdl.org> Wed, 23 Nov 2005 16:08:39 -0800
+
+ [PATCH] 32bit integer overflow in invalidate_inode_pages2()
+
+ Fix a 32 bit integer overflow in invalidate_inode_pages2_range.
+
+ Signed-off-by: Andrew Morton <akpm at osdl.org>
+ Signed-off-by: Linus Torvalds <torvalds at osdl.org>
+
+diff --git a/mm/truncate.c b/mm/truncate.c
+index 29c18f6..9173ab5 100644
+--- a/mm/truncate.c
++++ b/mm/truncate.c
+@@ -282,8 +282,8 @@ int invalidate_inode_pages2_range(struct
+ * Zap the rest of the file in one hit.
+ */
+ unmap_mapping_range(mapping,
+- page_index << PAGE_CACHE_SHIFT,
+- (end - page_index + 1)
++ (loff_t)page_index<<PAGE_CACHE_SHIFT,
++ (loff_t)(end - page_index + 1)
+ << PAGE_CACHE_SHIFT,
+ 0);
+ did_range_unmap = 1;
+@@ -292,7 +292,7 @@ int invalidate_inode_pages2_range(struct
+ * Just zap this page
+ */
+ unmap_mapping_range(mapping,
+- page_index << PAGE_CACHE_SHIFT,
++ (loff_t)page_index<<PAGE_CACHE_SHIFT,
+ PAGE_CACHE_SIZE, 0);
+ }
+ }
Modified: dists/sid/linux-2.6/debian/patches-debian/series/2.6.14-4
==============================================================================
--- dists/sid/linux-2.6/debian/patches-debian/series/2.6.14-4 (original)
+++ dists/sid/linux-2.6/debian/patches-debian/series/2.6.14-4 Thu Nov 24 06:56:44 2005
@@ -1,2 +1,3 @@
+ setkeys-needs-root-1.patch
+ setkeys-needs-root-2.patch
++ mm-invalidate_inode_pages2-overflow.patch
Modified: patch-tracking/CVE-2005-2100
==============================================================================
--- patch-tracking/CVE-2005-2100 (original)
+++ patch-tracking/CVE-2005-2100 Thu Nov 24 06:56:44 2005
@@ -8,15 +8,17 @@
Red Hat Enterprise Linux 4 does not perform proper bounds checking, which allows
local users to cause a denial of service (crash).
Notes:
+ horms> This is a bug in the Red Hat 4G/4G patch, and doesn't appear
+ in Upstream or Debian Kernels.
Bugs:
upstream:
-2.6.14:
-2.6.8-sarge-security:
-2.4.27-sarge-security:
-2.6.8:
-2.4.19-woody-security:
-2.4.18-woody-security:
-2.4.17-woody-security:
-2.4.16-woody-security:
-2.4.17-woody-security-hppa:
-2.4.17-woody-security-ia64:
+2.6.14: N/A
+2.6.8-sarge-security: N/A
+2.4.27-sarge-security: N/A
+2.6.8: N/A
+2.4.19-woody-security: N/A
+2.4.18-woody-security: N/A
+2.4.17-woody-security: N/A
+2.4.16-woody-security: N/A
+2.4.17-woody-security-hppa: N/A
+2.4.17-woody-security-ia64: N/A
Copied: patch-tracking/mm-invalidate_inode_pages2-overflow.patch (from r4876, patch-tracking/00boilerplate)
==============================================================================
--- patch-tracking/00boilerplate (original)
+++ patch-tracking/mm-invalidate_inode_pages2-overflow.patch Thu Nov 24 06:56:44 2005
@@ -1,16 +1,19 @@
-Candidate:
-References:
-Description:
-Notes:
+Candidate: needed
+References: http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=479ef592f3664dd629417098c8599261c0f689ab
+Description: Fix a 32 bit integer overflow in invalidate_inode_pages2_range.
+ Local DoS
+Notes: horms> I don't see any evidence of this on 2.6.8 or 2.4.27
+ I didn't check the woody kernels, but it seems very unlikley
+ it is there.
Bugs:
-upstream:
-2.6.14:
-2.6.8-sarge-security:
-2.4.27-sarge-security:
-2.6.8:
-2.4.19-woody-security:
-2.4.18-woody-security:
-2.4.17-woody-security:
-2.4.16-woody-security:
-2.4.17-woody-security-hppa:
-2.4.17-woody-security-ia64:
+upstream: pending (2.6.15-rc3)
+2.6.14: pending (2.6.14-4)
+2.6.8-sarge-security: N/A
+2.4.27-sarge-security: N/A
+2.6.8: N/A
+2.4.19-woody-security: N/A
+2.4.18-woody-security: N/A
+2.4.17-woody-security: N/A
+2.4.16-woody-security: N/A
+2.4.17-woody-security-hppa: N/A
+2.4.17-woody-security-ia64: N/A
More information about the Kernel-svn-changes
mailing list