r4294 - in
dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian:
. patches patches/series
Dann Frazier
dannf at costa.debian.org
Tue Sep 27 21:19:14 UTC 2005
Author: dannf
Date: 2005-09-27 21:19:13 +0000 (Tue, 27 Sep 2005)
New Revision: 4294
Added:
dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/mempolicy-check-mode.dpatch
Modified:
dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog
dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/series/2.6.8-16sarge2
Log:
* mempolicy-check-mode.dpatch
[SECURITY] Input validation in sys_set_mempolicy(); local DoS.
See Can-2005-3053
Modified: dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog
===================================================================
--- dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog 2005-09-27 15:41:52 UTC (rev 4293)
+++ dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog 2005-09-27 21:19:13 UTC (rev 4294)
@@ -47,8 +47,13 @@
[SECURITY] Fix SKB leak in ip6_input_finish(); local DoS.
From 2.6.12.6
- -- Simon Horman <horms at debian.org> Mon, 12 Sep 2005 17:10:18 +0900
+ [ dann frazier ]
+ * mempolicy-check-mode.dpatch
+ [SECURITY] Input validation in sys_set_mempolicy(); local DoS.
+ See Can-2005-3053
+ -- dann frazier <dannf at debian.org> Tue, 27 Sep 2005 15:18:57 -0600
+
kernel-source-2.6.8 (2.6.8-16sarge1) stable-security; urgency=high
[ Dann Frazier ]
Added: dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/mempolicy-check-mode.dpatch
===================================================================
--- dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/mempolicy-check-mode.dpatch 2005-09-27 15:41:52 UTC (rev 4293)
+++ dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/mempolicy-check-mode.dpatch 2005-09-27 21:19:13 UTC (rev 4294)
@@ -0,0 +1,33 @@
+diff -Naru a/mm/mempolicy.c b/mm/mempolicy.c
+--- a/mm/mempolicy.c 2005-09-27 13:25:44 -07:00
++++ b/mm/mempolicy.c 2005-09-27 13:25:44 -07:00
+@@ -443,7 +443,7 @@
+ struct mempolicy *new;
+ DECLARE_BITMAP(nodes, MAX_NUMNODES);
+
+- if (mode > MPOL_MAX)
++ if (mode < 0 || mode > MPOL_MAX)
+ return -EINVAL;
+ err = get_nodes(nodes, nmask, maxnode, mode);
+ if (err)
+# This is a BitKeeper generated diff -Nru style patch.
+#
+# ChangeSet
+# 2005/08/01 21:38:00-07:00 dada1 at cosmosbay.com
+# [PATCH] sys_set_mempolicy() doesnt check if mode < 0
+#
+# A kernel BUG() is triggered by a call to set_mempolicy() with a negative
+# first argument. This is because the mode is declared as an int, and the
+# validity check doesnt check < 0 values. Alternatively, mode could be
+# declared as unsigned int or unsigned long.
+#
+# Signed-off-by: Eric Dumazet <dada1 at cosmosbay.com>
+# Cc: Andi Kleen <ak at suse.de>
+# Signed-off-by: Andrew Morton <akpm at osdl.org>
+# Signed-off-by: Linus Torvalds <torvalds at osdl.org>
+#
+# GIT: ba17101b41977f124948e0a7797fdcbb59e19f3e
+#
+# mm/mempolicy.c
+# 2005/08/01 21:38:00-07:00 dada1 at cosmosbay.com +1 -1
+#
Modified: dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/series/2.6.8-16sarge2
===================================================================
--- dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/series/2.6.8-16sarge2 2005-09-27 15:41:52 UTC (rev 4293)
+++ dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/series/2.6.8-16sarge2 2005-09-27 21:19:13 UTC (rev 4294)
@@ -5,3 +5,4 @@
+ nptl-signal-delivery-deadlock-fix.dpatch
+ fix-memory-leak-in-sg.c-seq_file.dpatch
+ ipv6-skb-leak.dpatch
++ mempolicy-check-mode.dpatch
More information about the Kernel-svn-changes
mailing list