[kernel] r6596 - in
dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian:
patches patches/series
Dann Frazier
dannf at costa.debian.org
Thu May 18 21:01:46 UTC 2006
Author: dannf
Date: Thu May 18 21:01:45 2006
New Revision: 6596
Added:
dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/binfmt-bad-elf-entry-address.dpatch
Modified:
dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog
dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/series/2.6.8-16sarge3
Log:
* binfmt-bad-elf-entry-address.dpatch
[SECURITY][amd64] Fix potential local DoS vulnerability in the binfmt_elf
code on em64t processors
See CVE-2006-0741
Modified: dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog
==============================================================================
--- dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog (original)
+++ dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog Thu May 18 21:01:45 2006
@@ -28,8 +28,12 @@
[SECURITY] Fix directory traversal vulnerability in smbfs that permits
local users to escape chroot restrictions
See CVE-2006-1863
+ * binfmt-bad-elf-entry-address.dpatch
+ [SECURITY][amd64] Fix potential local DoS vulnerability in the binfmt_elf
+ code on em64t processors
+ See CVE-2006-0741
- -- dann frazier <dannf at debian.org> Wed, 17 May 2006 12:26:48 -0500
+ -- dann frazier <dannf at debian.org> Thu, 18 May 2006 15:55:02 -0500
kernel-source-2.6.8 (2.6.8-16sarge2) stable-security; urgency=high
Added: dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/binfmt-bad-elf-entry-address.dpatch
==============================================================================
--- (empty file)
+++ dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/binfmt-bad-elf-entry-address.dpatch Thu May 18 21:01:45 2006
@@ -0,0 +1,29 @@
+[PATCH] x86_64: Check for bad elf entry address.
+
+Fixes a local DOS on Intel systems that lead to an endless
+recursive fault. AMD machines don't seem to be affected.
+
+Signed-off-by: Suresh Siddha <suresh.b.siddha at intel.com>
+Signed-off-by: Andi Kleen <ak at suse.de>
+Signed-off-by: Linus Torvalds <torvalds at osdl.org>
+
+GIT: 5342fba5412cead88b61ead07168615dbeba1ee3
+
+# backported to Debian's 2.6.8 by Troy Heber <troyh at debian.org>
+
+diff -urN kernel-source-2.6.8.orig/fs/binfmt_elf.c 2.6/fs/binfmt_elf.c
+--- kernel-source-2.6.8.orig/fs/binfmt_elf.c 2006-02-08 22:55:59.000000000 -0700
++++ 2.6/fs/binfmt_elf.c 2006-05-16 22:48:02.000000000 -0600
+@@ -884,6 +884,12 @@
+ kfree(elf_interpreter);
+ } else {
+ elf_entry = elf_ex.e_entry;
++ if (BAD_ADDR(elf_entry)) {
++ send_sig(SIGSEGV, current, 0);
++ retval = -ENOEXEC; /* Nobody gets to see this, but.. */
++ goto out_free_dentry;
++ }
++
+ }
+
+ kfree(elf_phdata);
Modified: dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/series/2.6.8-16sarge3
==============================================================================
--- dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/series/2.6.8-16sarge3 (original)
+++ dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/series/2.6.8-16sarge3 Thu May 18 21:01:45 2006
@@ -6,3 +6,4 @@
+ perfmon-exit-race.dpatch
+ ia64-die_if_kernel-returns.dpatch
+ cifs-chroot-escape.dpatch
++ binfmt-bad-elf-entry-address.dpatch
More information about the Kernel-svn-changes
mailing list