[kernel] r4878 - dists/sid/linux-2.6/debian dists/sid/linux-2.6/debian/patches-debian dists/sid/linux-2.6/debian/patches-debian/series patch-tracking

Simon Horman horms at costa.debian.org
Thu Nov 24 07:17:38 UTC 2005 

Author: horms
Date: Thu Nov 24 07:17:32 2005
New Revision: 4878

Added:
   dists/sid/linux-2.6/debian/patches-debian/ctnetlink-check-if-protoinfo-is-present.patch
   patch-tracking/ctnetlink-check-if-protoinfo-is-present.patch
      - copied, changed from r4876, patch-tracking/00boilerplate
Modified:
   dists/sid/linux-2.6/debian/changelog
   dists/sid/linux-2.6/debian/patches-debian/series/2.6.14-4
Log:
[SECURITY] ctnetlink: check if protoinfo is present (local DoS)

Modified: dists/sid/linux-2.6/debian/changelog
==============================================================================
--- dists/sid/linux-2.6/debian/changelog	(original)
+++ dists/sid/linux-2.6/debian/changelog	Thu Nov 24 07:17:32 2005
@@ -10,8 +10,10 @@
   * Enable MKISS globally (closes: #340215)
   * mm-invalidate_inode_pages2-overflow.patch
     [SECURITY] 32bit integer overflow in invalidate_inode_pages2() (local DoS)
+  * ctnetlink-check-if-protoinfo-is-present.patch
+    [SECURITY] ctnetlink: check if protoinfo is present (local DoS)
 
- -- Simon Horman <horms at debian.org>  Thu, 24 Nov 2005 15:30:58 +0900
+ -- Simon Horman <horms at debian.org>  Thu, 24 Nov 2005 16:14:27 +0900
 
 linux-2.6 (2.6.14-3) unstable; urgency=low
 

Added: dists/sid/linux-2.6/debian/patches-debian/ctnetlink-check-if-protoinfo-is-present.patch
==============================================================================
--- (empty file)
+++ dists/sid/linux-2.6/debian/patches-debian/ctnetlink-check-if-protoinfo-is-present.patch	Thu Nov 24 07:17:32 2005
@@ -0,0 +1,32 @@
+commit 51df784ed739246a3774b300e5f536e17bec36ed
+tree 866c76ffab5fa6c19648829f46dfcaee6f314a7d
+parent a2506c04322ca266fe2f9bd7d02a67b1972da611
+author Pablo Neira Ayuso <pablo at netfilter.org> Wed, 09 Nov 2005 12:59:41 -0800
+committer David S. Miller <davem at davemloft.net> Wed, 09 Nov 2005 12:59:41 -0800
+
+    [NETFILTER] ctnetlink: check if protoinfo is present
+    
+    This fixes an oops triggered from userspace. If we don't pass information
+    about the private protocol info, the reference to attr will be NULL. This is
+    likely to happen in update messages.
+    
+    Signed-off-by: Pablo Neira Ayuso <pablo at netfilter.org>
+    Signed-off-by: Harald Welte <laforge at netfilter.org>
+    Signed-off-by: David S. Miller <davem at davemloft.net>
+
+Backported to Debian's 2.6.14 by Horms
+
+--- a/net/ipv4/netfilter/ip_conntrack_proto_tcp.c	2005-11-24 16:11:10.000000000 +0900
++++ b/net/ipv4/netfilter/ip_conntrack_proto_tcp.c	2005-11-24 16:11:33.000000000 +0900
+@@ -362,6 +362,11 @@
+ 	struct nfattr *attr = cda[CTA_PROTOINFO_TCP-1];
+ 	struct nfattr *tb[CTA_PROTOINFO_TCP_MAX];
+ 
++	/* updates could not contain anything about the private
++	 * protocol info, in that case skip the parsing */
++	if (!attr)
++		return 0;
++
+         if (nfattr_parse_nested(tb, CTA_PROTOINFO_TCP_MAX, attr) < 0)
+                 goto nfattr_failure;
+ 

Modified: dists/sid/linux-2.6/debian/patches-debian/series/2.6.14-4
==============================================================================
--- dists/sid/linux-2.6/debian/patches-debian/series/2.6.14-4	(original)
+++ dists/sid/linux-2.6/debian/patches-debian/series/2.6.14-4	Thu Nov 24 07:17:32 2005
@@ -1,3 +1,4 @@
 + setkeys-needs-root-1.patch
 + setkeys-needs-root-2.patch
 + mm-invalidate_inode_pages2-overflow.patch
++ ctnetlink-check-if-protoinfo-is-present.patch

Copied: patch-tracking/ctnetlink-check-if-protoinfo-is-present.patch (from r4876, patch-tracking/00boilerplate)
==============================================================================
--- patch-tracking/00boilerplate	(original)
+++ patch-tracking/ctnetlink-check-if-protoinfo-is-present.patch	Thu Nov 24 07:17:32 2005
@@ -1,16 +1,16 @@
-Candidate: 
-References: 
+Candidate: needed
+References: http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=51df784ed739246a3774b300e5f536e17bec36ed
 Description: 
 Notes: 
 Bugs: 
-upstream: 
-2.6.14: 
-2.6.8-sarge-security: 
-2.4.27-sarge-security: 
-2.6.8: 
-2.4.19-woody-security: 
-2.4.18-woody-security: 
-2.4.17-woody-security: 
-2.4.16-woody-security: 
-2.4.17-woody-security-hppa: 
-2.4.17-woody-security-ia64: 
+upstream: 2.6.15-rc1
+2.6.14: pending (2.6.14-4)
+2.6.8-sarge-security: N/A
+2.4.27-sarge-security: N/A
+2.6.8: N/A
+2.4.19-woody-security: N/A
+2.4.18-woody-security: N/A
+2.4.17-woody-security: N/A
+2.4.16-woody-security: N/A
+2.4.17-woody-security-hppa: N/A
+2.4.17-woody-security-ia64: N/A

More information about the Kernel-svn-changes mailing list