[kernel] r11843 - in dists/etch-security/linux-2.6/debian: . patches/bugfix patches/series
Dann Frazier
dannf at alioth.debian.org
Wed Jul 16 05:12:10 UTC 2008
Author: dannf
Date: Wed Jul 16 05:12:08 2008
New Revision: 11843
Log:
bugfix/check-privileges-before-setting-mount-propagation.patch
[SECURITY] Check CAP_SYS_ADMIN when changing mountpoint type
See CVE-2008-2931
Added:
dists/etch-security/linux-2.6/debian/patches/bugfix/check-privileges-before-setting-mount-propagation.patch
Modified:
dists/etch-security/linux-2.6/debian/changelog
dists/etch-security/linux-2.6/debian/patches/series/18etch7
Modified: dists/etch-security/linux-2.6/debian/changelog
==============================================================================
--- dists/etch-security/linux-2.6/debian/changelog (original)
+++ dists/etch-security/linux-2.6/debian/changelog Wed Jul 16 05:12:08 2008
@@ -15,8 +15,11 @@
* bugfix/tty-fix-for-tty-operations-bugs.patch
[SECURITY] Fix issues with tty operation handling in various drivers
See CVE-2008-2812
+ * bugfix/check-privileges-before-setting-mount-propagation.patch
+ [SECURITY] Check CAP_SYS_ADMIN when changing mountpoint type
+ See CVE-2008-2931
- -- dann frazier <dannf at debian.org> Tue, 01 Jul 2008 10:54:29 -0600
+ -- dann frazier <dannf at debian.org> Tue, 15 Jul 2008 21:53:11 -0700
linux-2.6 (2.6.18.dfsg.1-18etch6) stable-security; urgency=high
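Review bot: The added changelog entry gives the patch name and CVE-2008-2931 but not the upstream commit being backported or the function it touches. Since the patch file itself records commit ee6f958291e2a768fd727e7a67badfff0b67711a and do_change_type(), consider mentioning at least one of them here so the entry can be matched to upstream without opening the patch. The updated trailer date is consistent with a new entry in the same unreleased stanza.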
Added: dists/etch-security/linux-2.6/debian/patches/bugfix/check-privileges-before-setting-mount-propagation.patch
==============================================================================
--- (empty file)
+++ dists/etch-security/linux-2.6/debian/patches/bugfix/check-privileges-before-setting-mount-propagation.patch Wed Jul 16 05:12:08 2008
@@ -0,0 +1,28 @@
+commit ee6f958291e2a768fd727e7a67badfff0b67711a
+Author: Miklos Szeredi <mszeredi at suse.cz>
+Date: Tue May 8 00:30:40 2007 -0700
+
+ check privileges before setting mount propagation
+
+ There's a missing check for CAP_SYS_ADMIN in do_change_type().
+
+ Signed-off-by: Miklos Szeredi <mszeredi at suse.cz>
+ Cc: Al Viro <viro at zeniv.linux.org.uk>
+ Cc: Christoph Hellwig <hch at lst.de>
+ Signed-off-by: Andrew Morton <akpm at linux-foundation.org>
+ Signed-off-by: Linus Torvalds <torvalds at linux-foundation.org>
+
+diff --git a/fs/namespace.c b/fs/namespace.c
+index 72bb106..b696e3a 100644
+--- a/fs/namespace.c
++++ b/fs/namespace.c
+@@ -886,6 +886,9 @@ static int do_change_type(struct nameidata *nd, int flag)
+ int recurse = flag & MS_REC;
+ int type = flag & ~MS_REC;
+
++ if (!capable(CAP_SYS_ADMIN))
++ return -EPERM;
++
+ if (nd->dentry != nd->mnt->mnt_root)
+ return -EINVAL;
+
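Review bot: The patch header added here carries only the upstream message ("There's a missing check for CAP_SYS_ADMIN in do_change_type()") and says nothing about CVE-2008-2931 or that this is a backport to the 2.6.18 etch tree; a one-line note in the header naming the CVE would make the file self-describing. On the code itself, the capable(CAP_SYS_ADMIN) test is placed ahead of the nd->dentry != nd->mnt->mnt_root check, so an unprivileged caller gets -EPERM before any mount state is inspected, which is the ordering you want. The inner hunk offset (-886,6 +886,9) comes from upstream index 72bb106..b696e3a, so it is worth confirming it applies to this tree's fs/namespace.c without fuzz.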
Modified: dists/etch-security/linux-2.6/debian/patches/series/18etch7
==============================================================================
--- dists/etch-security/linux-2.6/debian/patches/series/18etch7 (original)
+++ dists/etch-security/linux-2.6/debian/patches/series/18etch7 Wed Jul 16 05:12:08 2008
@@ -3,3 +3,4 @@
+ bugfix/amd64-fix-zeroing-on-exception-in-copy_user-pre.patch
+ bugfix/amd64-fix-zeroing-on-exception-in-copy_user.patch
+ bugfix/tty-fix-for-tty-operations-bugs.patch
++ bugfix/check-privileges-before-setting-mount-propagation.patch
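Review bot: The new entry is appended after bugfix/tty-fix-for-tty-operations-bugs.patch with no comment on ordering. That is fine as long as nothing earlier in 18etch7 touches fs/namespace.c; the three context entries shown here (two amd64 copy_user patches and the tty patch) do not look related, but the part of the series above line 3 is not visible in this hunk and should be checked.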