[kernel] r11429 - in dists/etch/linux-2.6.24/debian: . patches/bugfix patches/series

Dann Frazier dannf at alioth.debian.org
Wed May 21 06:18:57 UTC 2008 

Author: dannf
Date: Wed May 21 06:18:56 2008
New Revision: 11429

Log:
Fix remotely-triggerable memory leak in the Simple Internet Transition
(SIT) code used for IPv6 over IPv4 tunnels (CVE-2008-2136)

Added:
   dists/etch/linux-2.6.24/debian/patches/bugfix/sit-missing-kfree_skb-on-pskb_may_pull.patch
Modified:
   dists/etch/linux-2.6.24/debian/changelog
   dists/etch/linux-2.6.24/debian/patches/series/6~etchnhalf.3

Modified: dists/etch/linux-2.6.24/debian/changelog
==============================================================================
--- dists/etch/linux-2.6.24/debian/changelog	(original)
+++ dists/etch/linux-2.6.24/debian/changelog	Wed May 21 06:18:56 2008
@@ -2,8 +2,10 @@
 
   * Prevent local users from modifying file times without permission
     (CVE-2008-2148)
+  * Fix remotely-triggerable memory leak in the Simple Internet Transition
+    (SIT) code used for IPv6 over IPv4 tunnels (CVE-2008-2136)
 
- -- dann frazier <dannf at debian.org>  Tue, 20 May 2008 22:48:40 -0600
+ -- dann frazier <dannf at debian.org>  Wed, 21 May 2008 00:04:25 -0600
 
 linux-2.6.24 (2.6.24-6~etchnhalf.2) stable; urgency=low
 

Added: dists/etch/linux-2.6.24/debian/patches/bugfix/sit-missing-kfree_skb-on-pskb_may_pull.patch
==============================================================================
--- (empty file)
+++ dists/etch/linux-2.6.24/debian/patches/bugfix/sit-missing-kfree_skb-on-pskb_may_pull.patch	Wed May 21 06:18:56 2008
@@ -0,0 +1,26 @@
+commit 36ca34cc3b8335eb1fe8bd9a1d0a2592980c3f02
+Author: David S. Miller <davem at davemloft.net>
+Date:   Thu May 8 23:40:26 2008 -0700
+
+    sit: Add missing kfree_skb() on pskb_may_pull() failure.
+    
+    Noticed by Paul Marks <paul at pmarks.net>.
+    
+    Signed-off-by: David S. Miller <davem at davemloft.net>
+
+Adjusted to apply to Debian's 2.6.24 by dann frazier <dannf at debian.org>
+
+diff -urpN linux-source-2.6.24.orig/net/ipv6/sit.c linux-source-2.6.24/net/ipv6/sit.c
+--- linux-source-2.6.24.orig/net/ipv6/sit.c	2008-01-24 15:58:37.000000000 -0700
++++ linux-source-2.6.24/net/ipv6/sit.c	2008-05-21 00:00:08.000000000 -0600
+@@ -395,9 +395,9 @@ static int ipip6_rcv(struct sk_buff *skb
+ 	}
+ 
+ 	icmp_send(skb, ICMP_DEST_UNREACH, ICMP_PORT_UNREACH, 0);
+-	kfree_skb(skb);
+ 	read_unlock(&ipip6_lock);
+ out:
++	kfree_skb(skb);
+ 	return 0;
+ }
+ 

Modified: dists/etch/linux-2.6.24/debian/patches/series/6~etchnhalf.3
==============================================================================
--- dists/etch/linux-2.6.24/debian/patches/series/6~etchnhalf.3	(original)
+++ dists/etch/linux-2.6.24/debian/patches/series/6~etchnhalf.3	Wed May 21 06:18:56 2008
@@ -1 +1,2 @@
 + bugfix/vfs-fix-permission-checking-in-sys_utimensat.patch
++ bugfix/sit-missing-kfree_skb-on-pskb_may_pull.patch

More information about the Kernel-svn-changes mailing list