[kernel] r5357 - in dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian: . patches patches/series

Dann Frazier dannf at costa.debian.org
Sun Jan 8 21:02:05 UTC 2006


Author: dannf
Date: Sun Jan  8 21:02:01 2006
New Revision: 5357

Added:
   dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/ptrace-fix_self-attach_rule.dpatch
Modified:
   dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog
   dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/series/2.6.8-16sarge2
Log:
* ptrace-fix_self-attach_rule.dpatch:
  [SECURITY] Use the thread group ID to check if it is a self-attach.  Fixes
  a local DoS (crash).
  See CVE-2005-3783

Modified: dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog
==============================================================================
--- dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog	(original)
+++ dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog	Sun Jan  8 21:02:01 2006
@@ -146,9 +146,13 @@
     to avoid an ABI change.  Unapply the -2.1 patch which is superseded by -3.
     See CVE-2005-0449
     ****CHANGES ABI****
-  *
 
- -- Simon Horman <horms at verge.net.au>  Fri,  6 Jan 2006 15:00:28 +0900
+  * ptrace-fix_self-attach_rule.dpatch:
+    [SECURITY] Use the thread group ID to check if it a self-attach.  Fixes
+    a local DoS (crash).
+    See CVE-2005-3783
+
+ -- dann frazier <dannf at debian.org>  Sun,  8 Jan 2006 13:50:51 -0700
 
 kernel-source-2.6.8 (2.6.8-16sarge1) stable-security; urgency=high
 
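Review bot: the new changelog entry reads "check if it a self-attach", which is missing a verb; "check if it is a self-attach" would read correctly. The entry would also be easier to audit later if it named the function being changed, ptrace_attach() in kernel/ptrace.c, since the patch file added in this same revision touches only that one check.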

Added: dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/ptrace-fix_self-attach_rule.dpatch
==============================================================================
--- (empty file)
+++ dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/ptrace-fix_self-attach_rule.dpatch	Sun Jan  8 21:02:01 2006
@@ -0,0 +1,25 @@
+From: Linus Torvalds <torvalds at osdl.org>
+Date: Wed, 9 Nov 2005 19:37:57 +0000 (-0800)
+Subject: [PATCH] Fix ptrace self-attach rule
+X-Git-Url: http://www.kernel.org/git/?p=linux/kernel/git/gregkh/linux-2.6.14.y.git;a=commitdiff;h=082d52c56f642d21b771a13221068d40915a1409
+
+[PATCH] Fix ptrace self-attach rule
+
+Before we did CLONE_THREAD, the way to check whether we were attaching
+to ourselves was to just check "current == task", but with CLONE_THREAD
+we should check that the thread group ID matches instead.
+
+Signed-off-by: Linus Torvalds <torvalds at osdl.org>
+---
+
+--- a/kernel/ptrace.c
++++ b/kernel/ptrace.c
+@@ -152,7 +152,7 @@ int ptrace_attach(struct task_struct *ta
+ 	retval = -EPERM;
+ 	if (task->pid <= 1)
+ 		goto bad;
+-	if (task == current)
++	if (task->tgid == current->tgid)
+ 		goto bad;
+ 	/* the same process cannot be attached many times */
+ 	if (task->ptrace & PT_PTRACED)
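Review bot: the replacement test in ptrace_attach(), "if (task->tgid == current->tgid)", rejects an attach to any task in the caller's thread group, not only to the caller itself, and the code has no comment saying so. The patch description explains the CLONE_THREAD reasoning, so a one-line comment above the check (in the style of the existing "the same process cannot be attached many times" comment just below it) would keep that intent visible in the source. Two smaller points: the patch header does not mention CVE-2005-3783 or the local DoS that the changelog cites, so a reference line would tie the file to the advisory; and the X-Git-Url points at the linux-2.6.14.y tree while this is applied to kernel-source-2.6.8, so it is worth confirming the hunk at line 152 applies cleanly to that tree.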

Modified: dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/series/2.6.8-16sarge2
==============================================================================
--- dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/series/2.6.8-16sarge2	(original)
+++ dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/series/2.6.8-16sarge2	Sun Jan  8 21:02:01 2006
@@ -25,3 +25,4 @@
 + net-ipv6-flowlabel-refcnt.dpatch
 + kernel-dont-reap-traced.dpatch
 + net-sdla-coverty.dpatch
++ ptrace-fix_self-attach_rule.dpatch


