[kernel] r6644 - in dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian: patches patches/series

Dann Frazier dannf at costa.debian.org
Sat May 20 07:40:24 UTC 2006 

Author: dannf
Date: Sat May 20 07:40:23 2006
New Revision: 6644

Added:
   dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/nfs-another-O_DIRECT-fix.dpatch
Modified:
   dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog
   dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/series/2.6.8-16sarge3

Log:
* nfs-another-O_DIRECT-fix.dpatch
  [SECURITY] Fix a potential local DoS vulnerability in the NFS O_DIRECT code
  See CVE-2006-0555

Modified: dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog
==============================================================================
--- dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog	(original)
+++ dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog	Sat May 20 07:40:23 2006
@@ -85,8 +85,11 @@
     [SECURITY] Fix leak in the ftruncate call in the XFS filesystem that may
     permit local users to view sensitive information
     See CVE-2006-0554
+  * nfs-another-O_DIRECT-fix.dpatch
+    [SECURITY] Fix a potential local DoS vulnerability in the NFS O_DIRECT code
+    See CVE-2006-0555
 
- -- dann frazier <dannf at debian.org>  Sat, 20 May 2006 02:34:50 -0500
+ -- dann frazier <dannf at debian.org>  Sat, 20 May 2006 02:39:40 -0500
 
 kernel-source-2.6.8 (2.6.8-16sarge2) stable-security; urgency=high
 

Added: dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/nfs-another-O_DIRECT-fix.dpatch
==============================================================================
--- (empty file)
+++ dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/nfs-another-O_DIRECT-fix.dpatch	Sat May 20 07:40:23 2006
@@ -0,0 +1,31 @@
+Fix for CVE-2006-0555 for Sarge 2.6.8. 
+
+Signed-off-by: Troy Heber <troyh at debian.org>`
+
+diff-tree 93e3d00a9f0158e522cada1088233fad23247882 (from 8dcd7c19f2624b7150edd60da336da0bb5291bef)
+Author: Trond Myklebust <trond.myklebust at netapp.com>
+Date:   Wed Feb 15 00:42:26 2006 -0500
+
+    [PATCH] Normal user can panic NFS client with direct I/O (CVE-2006-0555)
+    
+    This is CVE-2006-0555 and SGI bug 946529.  A normal user can panic an
+    NFS client and cause a local DoS with 'judicious'(?) use of O_DIRECT.
+    
+    Signed-off-by: Chris Wright <chrisw at sous-sol.org>
+
+diff --git a/fs/nfs/direct.c b/fs/nfs/direct.c
+index 0792288..3ebb06e 100644
+--- a/fs/nfs/direct.c
++++ b/fs/nfs/direct.c
+@@ -106,6 +106,11 @@ nfs_get_user_pages(int rw, unsigned long
+ 		result = get_user_pages(current, current->mm, user_addr,
+ 					page_count, (rw == READ), 0,
+ 					*pages, NULL);
++		if (result >= 0 && result < page_count) {
++			nfs_free_user_pages(*pages, result, 0);
++			*pages = NULL;
++			result = -EFAULT;
++		}
+ 		up_read(&current->mm->mmap_sem);
+ 	}
+ 	return result;

Modified: dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/series/2.6.8-16sarge3
==============================================================================
--- dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/series/2.6.8-16sarge3	(original)
+++ dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/series/2.6.8-16sarge3	Sat May 20 07:40:23 2006
@@ -23,3 +23,4 @@
 + do_add_counters-race.dpatch
 + s390-strnlen_user-return.dpatch
 + xfs-ftruncate-leak.dpatch
++ nfs-another-O_DIRECT-fix.dpatch

More information about the Kernel-svn-changes mailing list