r4113 - in dists/trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian: . patches patches/series

Thu Sep 1 06:39:17 UTC 2005

Author: horms
Date: 2005-09-01 06:39:14 +0000 (Thu, 01 Sep 2005)
New Revision: 4113

Added:
   dists/trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/189_ipv6-skb-leak.diff
Modified:
   dists/trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog
   dists/trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/series/2.4.27-12
Log:
+  * 189_ipv6-skb-leak.diff
+     [Maybe-Security: Seems like a local DoS]
+     Fix SKB leak in ip6_input_finish()
+     From 2.6.12.6


Modified: dists/trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog
===================================================================

--- dists/trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog	2005-09-01 06:10:47 UTC (rev 4112)
+++ dists/trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog	2005-09-01 06:39:14 UTC (rev 4113)
@@ -45,8 +45,13 @@
     Fix DST leak in icmp_push_reply()
     From 2.6.12.6
 
- -- Simon Horman <horms at debian.org>  Thu,  1 Sep 2005 12:27:12 +0900
+  * 189_ipv6-skb-leak.diff
+     [Maybe-Security: Seems like a local DoS]
+     Fix SKB leak in ip6_input_finish()
+     From 2.6.12.6
 
+ -- Simon Horman <horms at debian.org>  Thu,  1 Sep 2005 15:06:15 +0900
+
 kernel-source-2.4.27 (2.4.27-11) unstable; urgency=low
 
   [ Simon Horman ]

Added: dists/trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/189_ipv6-skb-leak.diff
===================================================================
--- dists/trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/189_ipv6-skb-leak.diff	2005-09-01 06:10:47 UTC (rev 4112)
+++ dists/trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/189_ipv6-skb-leak.diff	2005-09-01 06:39:14 UTC (rev 4113)
@@ -0,0 +1,34 @@
+From foo at baz.com Thu Aug 18 12:00:13 2005
+From: Patrick McHardy <kaber at trash.net>
+Date:   Wed Aug 17 12:04:22 2005 -0700
+Subject: [IPV6]: Fix SKB leak in ip6_input_finish()
+
+Changing it to how ip_input handles should fix it.
+
+Signed-off-by: Patrick McHardy <kaber at trash.net>
+Signed-off-by: "David S. Miller" <davem at davemloft.net>
+Signed-off-by: Chris Wright <chrisw at osdl.org>
+---
+ net/ipv6/ip6_input.c |    9 +++++----
+ 1 files changed, 5 insertions(+), 4 deletions(-)
+
+Index: linux-2.6.12.y/net/ipv6/ip6_input.c
+===================================================================
+--- a/net/ipv6/ip6_input.c	2005-09-01 13:29:09.000000000 +0900
++++ b/net/ipv6/ip6_input.c	2005-09-01 15:04:10.000000000 +0900
+@@ -185,11 +185,12 @@
+ 		if (!raw_sk) {
+ 			if (xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb)) {
+ 				IP6_INC_STATS_BH(Ip6InUnknownProtos);
+-				icmpv6_param_prob(skb, ICMPV6_UNK_NEXTHDR, nhoff);
++				icmpv6_send(skb, ICMPV6_PARAMPROB,
++					ICMPV6_UNK_NEXTHDR, nhoff,
++					skb->dev);
+ 			}
+-		} else {
+-			kfree_skb(skb);
+ 		}
++		kfree_skb(skb);
+ 	}
+ 
+ 	return 0;

Modified: dists/trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/series/2.4.27-12
===================================================================
--- dists/trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/series/2.4.27-12	2005-09-01 06:10:47 UTC (rev 4112)
+++ dists/trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/series/2.4.27-12	2005-09-01 06:39:14 UTC (rev 4113)
@@ -3,3 +3,4 @@
 + 186_linux-zlib-fixes-2.diff
 + 187_zisofs-2.diff
 + 188_fix-dst-leak-in-icmp_push_reply.diff
++ 189_ipv6-skb-leak.diff


