[kernel] r7181 - in dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian: patches patches/series

Thu Aug 17 06:15:06 UTC 2006

Author: dannf
Date: Thu Aug 17 06:15:05 2006
New Revision: 7181

Added:
   dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/netfilter-SO_ORIGINAL_DST-leak.dpatch
Modified:
   dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog
   dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/series/2.6.8-16sarge5

Log:
* netfilter-SO_ORIGINAL_DST-leak.dpatch
  [SECURITY] Fix information leak in SO_ORIGINAL_DST
  See CVE-2006-1343

Modified: dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog
==============================================================================

--- dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog	(original)
+++ dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog	Thu Aug 17 06:15:05 2006
@@ -25,8 +25,11 @@
     [SECURITY] Fix vulnerability in selinux_ptrace that prevents local
     users from changing the tracer SID to the SID of another process
     See CVE-2006-1052
+  * netfilter-SO_ORIGINAL_DST-leak.dpatch
+    [SECURITY] Fix information leak in SO_ORIGINAL_DST
+    See CVE-2006-1343
 
- -- dann frazier <dannf at debian.org>  Thu, 17 Aug 2006 00:00:32 -0600
+ -- dann frazier <dannf at debian.org>  Thu, 17 Aug 2006 00:14:02 -0600
 
 kernel-source-2.6.8 (2.6.8-16sarge4) stable-security; urgency=high
 

Added: dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/netfilter-SO_ORIGINAL_DST-leak.dpatch
==============================================================================
--- (empty file)
+++ dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/netfilter-SO_ORIGINAL_DST-leak.dpatch	Thu Aug 17 06:15:05 2006
@@ -0,0 +1,29 @@
+From: Marcel Holtmann <marcel at holtmann.org>
+Date: Fri, 26 May 2006 11:50:46 +0000 (+0200)
+Subject: [PATCH] NETFILTER: Fix small information leak in SO_ORIGINAL_DST (CVE-2006-1343)
+X-Git-Tag: v2.6.16.19
+X-Git-Url: http://www.kernel.org/git/?p=linux/kernel/git/stable/linux-2.6.16.y.git;a=commitdiff;h=11091f6a4a11feb5794aef9307c428838129ea02
+
+[PATCH] NETFILTER: Fix small information leak in SO_ORIGINAL_DST (CVE-2006-1343)
+
+It appears that sockaddr_in.sin_zero is not zeroed during
+getsockopt(...SO_ORIGINAL_DST...) operation. This can lead
+to an information leak (CVE-2006-1343).
+
+Signed-off-by: Marcel Holtmann <marcel at holtmann.org>
+Signed-off-by: Chris Wright <chrisw at sous-sol.org>
+---
+
+Backported to Debian's 2.6.8 by dann frazier <dannf at debian.org>:
+ * Dropped changes to file not in 2.6.8 (nf_conntrack_l3proto_ipv4.c)
+
+--- a/net/ipv4/netfilter/ip_conntrack_core.c
++++ b/net/ipv4/netfilter/ip_conntrack_core.c
+@@ -1318,6 +1318,7 @@ getorigdst(struct sock *sk, int optval, 
+ 			.tuple.dst.u.tcp.port;
+ 		sin.sin_addr.s_addr = ct->tuplehash[IP_CT_DIR_ORIGINAL]
+ 			.tuple.dst.ip;
++		memset(sin.sin_zero, 0, sizeof(sin.sin_zero));
+ 
+ 		DEBUGP("SO_ORIGINAL_DST: %u.%u.%u.%u %u\n",
+ 		       NIPQUAD(sin.sin_addr.s_addr), ntohs(sin.sin_port));

Modified: dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/series/2.6.8-16sarge5
==============================================================================
--- dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/series/2.6.8-16sarge5	(original)
+++ dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/series/2.6.8-16sarge5	Thu Aug 17 06:15:05 2006
@@ -4,3 +4,4 @@
 + cdrom-bad-cgc.buflen-assign.dpatch
 + usb-serial-ftdi_sio-dos.dpatch
 + selinux-tracer-SID-fix.dpatch
++ netfilter-SO_ORIGINAL_DST-leak.dpatch

