[kernel] r12044 - in dists/etch-security/linux-2.6.24/debian: . patches/bugfix patches/series
Dann Frazier
dannf at alioth.debian.org
Tue Aug 12 08:48:11 UTC 2008
Author: dannf
Date: Tue Aug 12 08:48:10 2008
New Revision: 12044
Log:
Fix possible information leak in seq_oss_synth.c
(CVE-2008-3272)
Added:
dists/etch-security/linux-2.6.24/debian/patches/bugfix/sound-ensure-device-number-is-valid-in-snd_seq_oss_synth_make_info.patch
Modified:
dists/etch-security/linux-2.6.24/debian/changelog
dists/etch-security/linux-2.6.24/debian/patches/series/6~etchnhalf.5
Modified: dists/etch-security/linux-2.6.24/debian/changelog
==============================================================================
--- dists/etch-security/linux-2.6.24/debian/changelog (original)
+++ dists/etch-security/linux-2.6.24/debian/changelog Tue Aug 12 08:48:10 2008
@@ -2,8 +2,10 @@
* Add ABI files for 2.6.24-etchnhalf.1
* Fix regression introduced upstream by the fix for CVE-2008-0598
+ * Fix possible information leak in seq_oss_synth.c
+ (CVE-2008-3272)
- -- dann frazier <dannf at debian.org> Tue, 12 Aug 2008 02:27:51 -0600
+ -- dann frazier <dannf at debian.org> Tue, 12 Aug 2008 02:41:51 -0600
linux-2.6.24 (2.6.24-6~etchnhalf.4) stable; urgency=low
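Review bot: the added changelog entry identifies the fix only by source file (seq_oss_synth.c) and CVE number. Naming the affected function, snd_seq_oss_synth_make_info, as the patch file name in this same revision does, would let someone reading the changelog alone match the entry to the patch in bugfix/ without looking up the CVE.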
Added: dists/etch-security/linux-2.6.24/debian/patches/bugfix/sound-ensure-device-number-is-valid-in-snd_seq_oss_synth_make_info.patch
==============================================================================
--- (empty file)
+++ dists/etch-security/linux-2.6.24/debian/patches/bugfix/sound-ensure-device-number-is-valid-in-snd_seq_oss_synth_make_info.patch Tue Aug 12 08:48:10 2008
@@ -0,0 +1,30 @@
+commit 82e68f7ffec3800425f2391c8c86277606860442
+Author: Willy Tarreau <w at 1wt.eu>
+Date: Sat Aug 2 18:25:16 2008 +0200
+
+ sound: ensure device number is valid in snd_seq_oss_synth_make_info
+
+ snd_seq_oss_synth_make_info() incorrectly reports information
+ to userspace without first checking for the validity of the
+ device number, leading to possible information leak (CVE-2008-3272).
+
+ Reported-By: Tobias Klein <tk at trapkit.de>
+ Acked-and-tested-by: Takashi Iwai <tiwai at suse.de>
+ Cc: stable at kernel.org
+ Signed-off-by: Willy Tarreau <w at 1wt.eu>
+ Signed-off-by: Linus Torvalds <torvalds at linux-foundation.org>
+
+diff --git a/sound/core/seq/oss/seq_oss_synth.c b/sound/core/seq/oss/seq_oss_synth.c
+index 558dadb..e024e45 100644
+--- a/sound/core/seq/oss/seq_oss_synth.c
++++ b/sound/core/seq/oss/seq_oss_synth.c
+@@ -604,6 +604,9 @@ snd_seq_oss_synth_make_info(struct seq_oss_devinfo *dp, int dev, struct synth_in
+ {
+ struct seq_oss_synth *rec;
+
++ if (dev < 0 || dev >= dp->max_synthdev)
++ return -ENXIO;
++
+ if (dp->synths[dev].is_midi) {
+ struct midi_info minf;
+ snd_seq_oss_midi_make_info(dp, dp->synths[dev].midi_mapped, &minf);
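Review bot: the new guard `if (dev < 0 || dev >= dp->max_synthdev)` at the top of snd_seq_oss_synth_make_info() is only as strong as the relationship between dp->max_synthdev and the real size of dp->synths[], and nothing in this hunk shows that max_synthdev is capped at that size. Worth confirming that invariant where max_synthdev is set, or stating it in the commit message. The placement is right: the check runs before the first `dp->synths[dev].is_midi` dereference and rejects both negative and too-large indices, so no out-of-range array element is read on the way to filling the structure reported to userspace. It would also help to note in the message which caller hands an unvalidated `dev` to this function, so reviewers of the backport can check that the -ENXIO return is propagated rather than ignored.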
Modified: dists/etch-security/linux-2.6.24/debian/patches/series/6~etchnhalf.5
==============================================================================
--- dists/etch-security/linux-2.6.24/debian/patches/series/6~etchnhalf.5 (original)
+++ dists/etch-security/linux-2.6.24/debian/patches/series/6~etchnhalf.5 Tue Aug 12 08:48:10 2008
@@ -1 +1,2 @@
+ bugfix/x86-wrong-register-was-used-in-align-macro.patch
++ bugfix/sound-ensure-device-number-is-valid-in-snd_seq_oss_synth_make_info.patch