[kernel] r5485 - in dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian: . patches patches/series

Dann Frazier dannf at costa.debian.org
Tue Jan 17 03:50:07 UTC 2006 

Author: dannf
Date: Tue Jan 17 03:50:06 2006
New Revision: 5485

Added:
   dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/203_proc_pic_cmdline_race.diff
Modified:
   dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog
   dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/series/2.4.27-10sarge2
Log:
* [SECURITY] Fix a race condition that allows local users to view the
  environment variables of another process.
  203_proc_pic_cmdline_race.diff

Modified: dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog
==============================================================================
--- dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog	(original)
+++ dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog	Tue Jan 17 03:50:06 2006
@@ -97,7 +97,11 @@
   * [SECURITY] Fix a potential overflow in sysctl buffer termination code.
     202_sysctl-buffer-overflow.diff
 
- -- dann frazier <dannf at debian.org>  Mon, 16 Jan 2006 15:59:44 -0700
+  * [SECURITY] Fix a race condition that allows local users to view the
+    environment variables of another process.
+    203_proc_pic_cmdline_race.diff
+
+ -- dann frazier <dannf at debian.org>  Mon, 16 Jan 2006 20:49:04 -0700
 
 kernel-source-2.4.27 (2.4.27-10sarge1) stable-security; urgency=high
 

Added: dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/203_proc_pic_cmdline_race.diff
==============================================================================
--- (empty file)
+++ dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/203_proc_pic_cmdline_race.diff	Tue Jan 17 03:50:06 2006
@@ -0,0 +1,24 @@
+Taken from linux-2.4.18-smallpatches.patch from kernel-2.4.21-27.0.4.EL.src.rpm
+See: 
+http://linux.bkbits.net:8080/linux-2.6/cset@412a4baaEebwtKg-X7sS2r5Mua6uGw
+https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=133113
+http://lkml.org/lkml/2004/7/29/332
+
+diff -Naur linux-2.4.20.ori/fs/proc/base.c linux-2.4.20/fs/proc/base.c
+--- linux-2.4.20.ori/fs/proc/base.c	2005-04-25 15:42:17.000000000 -0400
++++ linux-2.4.20/fs/proc/base.c	2005-04-25 16:01:40.000000000 -0400
+@@ -185,8 +185,12 @@
+ 	int res = 0;
+ 	task_lock(task);
+ 	mm = task->mm;
+-	if (mm)
+-		atomic_inc(&mm->mm_users);
++	if (mm) {
++		if (mm->arg_end)
++			atomic_inc(&mm->mm_users);
++		else
++			mm = NULL;
++	}
+ 	task_unlock(task);
+ 	if (mm) {
+ 		int len = mm->arg_end - mm->arg_start;

Modified: dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/series/2.4.27-10sarge2
==============================================================================
--- dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/series/2.4.27-10sarge2	(original)
+++ dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/series/2.4.27-10sarge2	Tue Jan 17 03:50:06 2006
@@ -16,3 +16,4 @@
 + 200_net_sdla_xfer_leak.diff
 + 201_ptrace-fix_self-attach_rule.diff
 + 202_sysctl-buffer-overflow.diff
++ 203_proc_pic_cmdline_race.diff

More information about the Kernel-svn-changes mailing list