[kernel] r5247 - patch-tracking
Simon Horman
horms at costa.debian.org
Thu Jan 5 03:19:55 UTC 2006
Author: horms
Date: Thu Jan 5 03:19:55 2006
New Revision: 5247
Added:
patch-tracking/dm-crypt-zero-key.dpatch
Log:
dm-crypt does not clear struct crypt_config before freeing it. Thus,
information on the key could leak f.e. to a swsusp image even after the
encrypted device has been removed. The attached patch against 2.6.14 / 2.6.15
fixes it.
Added: patch-tracking/dm-crypt-zero-key.dpatch
==============================================================================
--- (empty file)
+++ patch-tracking/dm-crypt-zero-key.dpatch Thu Jan 5 03:19:55 2006
@@ -0,0 +1,22 @@
+Candidate: needed
+References:
+ http://article.gmane.org/gmane.linux.kernel/363528/match=dm+crypt
+Description:
+ dm-crypt does not clear struct crypt_config before freeing it. Thus,
+ information on the key could leak f.e. to a swsusp image even after the
+ encrypted device has been removed. The attached patch against 2.6.14 /
+ 2.6.15 fixes it.
+Notes:
+ jhorms> 2.4 not affected as dm-crypt doesn't seem to exist
+Bugs:
+upstream: needed
+linux-2.6: needed
+2.6.8-sarge-security: pending (2.6.8-17) [dm-crypt-zero-key.dpatch]
+2.4.27-sarge-security: N/A
+2.6.8: pending (2.6.8-16sarge2) [dm-crypt-zero-key.dpatch]
+2.4.19-woody-security: N/A
+2.4.18-woody-security: N/A
+2.4.17-woody-security: N/A
+2.4.16-woody-security: N/A
+2.4.17-woody-security-hppa: N/A
+2.4.17-woody-security-ia64: N/A
More information about the Kernel-svn-changes
mailing list