[kernel] r7170 - in
dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian:
patches patches/series
Dann Frazier
dannf at costa.debian.org
Wed Aug 16 20:02:59 UTC 2006
Author: dannf
Date: Wed Aug 16 20:02:57 2006
New Revision: 7170
Added:
dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/direct-io-write-mem-leak.dpatch
Modified:
dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog
dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/series/2.6.8-16sarge5
Log:
[SECURITY] James McKenzie discovered a Denial of Service vulnerability
* direct-io-write-mem-leak.dpatch
[SECURITY] Fix memory leak in O_DIRECT write.
See CVE-2004-2660
Modified: dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog
==============================================================================
--- dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog (original)
+++ dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog Wed Aug 16 20:02:57 2006
@@ -1,13 +1,16 @@
kernel-source-2.6.8 (2.6.8-16sarge5) UNRELEASED; urgency=high
* fs-ext3-bad-nfs-handle.dpatch
- [SECURITY] James McKenzie discovered a Denial of Service vulnerability
+ [SECURITY] James McKenzie discovered a Denial of Service vulnerability
in the NFS driver. When exporting an ext3 file system over NFS, a remote
attacker could exploit this to trigger a file system panic by sending
a specially crafted UDP packet.
See CVE-2006-3468
+ * direct-io-write-mem-leak.dpatch
+ [SECURITY] Fix memory leak in O_DIRECT write.
+ See CVE-2004-2660
- -- dann frazier <dannf at debian.org> Sun, 13 Aug 2006 21:15:35 -0600
+ -- dann frazier <dannf at debian.org> Wed, 16 Aug 2006 14:00:11 -0600
kernel-source-2.6.8 (2.6.8-16sarge4) stable-security; urgency=high
Added: dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/direct-io-write-mem-leak.dpatch
==============================================================================
--- (empty file)
+++ dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/direct-io-write-mem-leak.dpatch Wed Aug 16 20:02:57 2006
@@ -0,0 +1,30 @@
+diff -Naru a/fs/direct-io.c b/fs/direct-io.c
+--- a/fs/direct-io.c 2006-08-16 20:58:21 -07:00
++++ b/fs/direct-io.c 2006-08-16 20:58:21 -07:00
+@@ -844,8 +844,10 @@
+ char *kaddr;
+
+ /* AKPM: eargh, -ENOTBLK is a hack */
+- if (dio->rw == WRITE)
++ if (dio->rw == WRITE) {
++ page_cache_release(page);
+ return -ENOTBLK;
++ }
+
+ if (dio->block_in_file >=
+ i_size_read(dio->inode)>>blkbits) {
+# This is a BitKeeper generated diff -Nru style patch.
+#
+# ChangeSet
+# 2004/10/29 13:20:35-07:00 iwamoto at valinux.co.jp
+# [PATCH] direct IO write memory leak fix
+#
+# It seems that O_DIRECT write sometimes leaks memory.
+#
+# Signed-off-by: Andrew Morton <akpm at osdl.org>
+# Signed-off-by: Linus Torvalds <torvalds at osdl.org>
+#
+# fs/direct-io.c
+# 2004/10/29 01:13:37-07:00 iwamoto at valinux.co.jp +3 -1
+# direct IO write memory leak fix
+#
Modified: dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/series/2.6.8-16sarge5
==============================================================================
--- dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/series/2.6.8-16sarge5 (original)
+++ dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/series/2.6.8-16sarge5 Wed Aug 16 20:02:57 2006
@@ -1 +1,2 @@
+ fs-ext3-bad-nfs-handle.dpatch
++ direct-io-write-mem-leak.dpatch
More information about the Kernel-svn-changes
mailing list