[kernel] r8022 - in dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian: . patches patches/series

Dann Frazier dannf at alioth.debian.org
Sun Dec 17 21:15:34 UTC 2006 

Author: dannf
Date: Sun Dec 17 22:15:33 2006
New Revision: 8022

Added:
   dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/dev_queue_xmit-error-path.dpatch
Modified:
   dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog
   dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/series/2.6.8-16sarge7
Log:
* dev_queue_xmit-error-path.dpatch
  [SECURITY] Correct an error path in dev_queue_xmit() to rebalance
  local_bh_enable() calls. Patch from Vasily Averin.
  See CVE-2006-6535

Modified: dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog
==============================================================================
--- dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog	(original)
+++ dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog	Sun Dec 17 22:15:33 2006
@@ -7,8 +7,12 @@
   * mincore-fixes.dpatch
     This patch includes a few fixes, necessary for mincore_hang.dpatch to
     apply cleanly.
+  * dev_queue_xmit-error-path.dpatch
+    [SECURITY] Correct an error path in dev_queue_xmit() to rebalance
+    local_bh_enable() calls. Patch from Vasily Averin.
+    See CVE-2006-6535
 
- -- dann frazier <dannf at debian.org>  Sat, 16 Dec 2006 01:06:51 -0700
+ -- dann frazier <dannf at debian.org>  Sun, 17 Dec 2006 14:12:33 -0700
 
 kernel-source-2.6.8 (2.6.8-16sarge6) stable-security; urgency=high
 

Added: dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/dev_queue_xmit-error-path.dpatch
==============================================================================
--- (empty file)
+++ dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/dev_queue_xmit-error-path.dpatch	Sun Dec 17 22:15:33 2006
@@ -0,0 +1,25 @@
+--- ./net/core/dev.c.xmit	2006-10-11 12:57:35.000000000 +0400
++++ ./net/core/dev.c	2006-10-11 12:58:10.000000000 +0400
+@@ -1388,7 +1388,6 @@ int dev_queue_xmit(struct sk_buff *skb)
+ 			if (net_ratelimit())
+ 				printk(KERN_CRIT "Virtual device %s asks to "
+ 				       "queue packet!\n", dev->name);
+-			goto out_enetdown;
+ 		} else {
+ 			/* Recursion is detected! It is possible,
+ 			 * unfortunately */
+@@ -1397,10 +1396,13 @@ int dev_queue_xmit(struct sk_buff *skb)
+ 				       "%s, fix it urgently!\n", dev->name);
+ 		}
+ 	}
+-out_enetdown:
++
+ 	rc = -ENETDOWN;
++	local_bh_enable();
++
+ out_kfree_skb:
+ 	kfree_skb(skb);
++	return rc;
+ out:
+ 	local_bh_enable();
+ 	return rc;

Modified: dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/series/2.6.8-16sarge7
==============================================================================
--- dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/series/2.6.8-16sarge7	(original)
+++ dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/series/2.6.8-16sarge7	Sun Dec 17 22:15:33 2006
@@ -1,2 +1,3 @@
 + debian/patches/mincore-fixes.dpatch
 + debian/patches/mincore_hang.dpatch
++ dev_queue_xmit-error-path.dpatch

More information about the Kernel-svn-changes mailing list