[kernel] r12319 - in dists/etch-security/linux-2.6.24/debian: . patches/bugfix patches/series
Dann Frazier
dannf at alioth.debian.org
Fri Oct 17 00:10:53 UTC 2008
Author: dannf
Date: Fri Oct 17 00:10:51 2008
New Revision: 12319
Log:
* Restrict access to the DRM_I915_HWS_ADDR ioctl (CVE-2008-3831)
Added:
dists/etch-security/linux-2.6.24/debian/patches/bugfix/i915-restrict-DRM_I915_HWS_ADDR.patch
Modified:
dists/etch-security/linux-2.6.24/debian/changelog
dists/etch-security/linux-2.6.24/debian/patches/series/6~etchnhalf.6
Modified: dists/etch-security/linux-2.6.24/debian/changelog
==============================================================================
--- dists/etch-security/linux-2.6.24/debian/changelog (original)
+++ dists/etch-security/linux-2.6.24/debian/changelog Fri Oct 17 00:10:51 2008
@@ -1,4 +1,4 @@
-linux-2.6.24 (2.6.24-6~etchnhalf.6) UNRELEASED; urgency=high
+linux-2.6.24 (2.6.24-6~etchnhalf.6) stable-security; urgency=high
* Add missing capability checks in sbni_ioctl (CVE-2008-3525)
* [s390] prevent ptrace padding area read/write in 31-bit mode
@@ -7,8 +7,9 @@
(CVE-2008-4113)
* sctp: fix bounds checking in sctp_auth_ep_set_hmacs
(CVE-2008-4445)
+ * Restrict access to the DRM_I915_HWS_ADDR ioctl (CVE-2008-3831)
- -- dann frazier <dannf at debian.org> Fri, 10 Oct 2008 00:01:10 -0600
+ -- dann frazier <dannf at debian.org> Mon, 13 Oct 2008 00:01:20 -0600
linux-2.6.24 (2.6.24-6~etchnhalf.5) stable-security; urgency=high
Added: dists/etch-security/linux-2.6.24/debian/patches/bugfix/i915-restrict-DRM_I915_HWS_ADDR.patch
==============================================================================
--- (empty file)
+++ dists/etch-security/linux-2.6.24/debian/patches/bugfix/i915-restrict-DRM_I915_HWS_ADDR.patch Fri Oct 17 00:10:51 2008
@@ -0,0 +1,19 @@
+commit 6dbfadaae00a1238c01a6a04b02cb484cd9072e7
+Author: Matthias Hopf <mhopf at suse.de>
+Date: Fri Sep 26 16:47:03 2008 +0200
+
+ Only allow access to DRM_I915_HWS_ADDR ioctl() for Xserver.
+
+Adjusted to apply to Debian's 2.6.24 by dann frazier <dannf at debian.org>
+
+--- linux-source-2.6.24.orig/drivers/char/drm/i915_dma.c 2008-01-24 15:58:37.000000000 -0700
++++ linux-source-2.6.24/drivers/char/drm/i915_dma.c 2008-10-12 23:57:16.000000000 -0600
+@@ -828,7 +828,7 @@ struct drm_ioctl_desc i915_ioctls[] = {
+ DRM_IOCTL_DEF(DRM_I915_SET_VBLANK_PIPE, i915_vblank_pipe_set, DRM_AUTH|DRM_MASTER|DRM_ROOT_ONLY ),
+ DRM_IOCTL_DEF(DRM_I915_GET_VBLANK_PIPE, i915_vblank_pipe_get, DRM_AUTH ),
+ DRM_IOCTL_DEF(DRM_I915_VBLANK_SWAP, i915_vblank_swap, DRM_AUTH),
+- DRM_IOCTL_DEF(DRM_I915_HWS_ADDR, i915_set_status_page, DRM_AUTH),
++ DRM_IOCTL_DEF(DRM_I915_HWS_ADDR, i915_set_status_page, DRM_AUTH|DRM_MASTER|DRM_ROOT_ONLY),
+ };
+
+ int i915_max_ioctl = DRM_ARRAY_SIZE(i915_ioctls);
Modified: dists/etch-security/linux-2.6.24/debian/patches/series/6~etchnhalf.6
==============================================================================
--- dists/etch-security/linux-2.6.24/debian/patches/series/6~etchnhalf.6 (original)
+++ dists/etch-security/linux-2.6.24/debian/patches/series/6~etchnhalf.6 Fri Oct 17 00:10:51 2008
@@ -1,3 +1,4 @@
+ bugfix/wan-sbni_ioctl-cap-checks.patch
+ bugfix/prevent-ptrace-padding-area-readwrite-in-32bit-mode.patch
+ bugfix/sctp-fix-random-memory-dereference-with-SCTP_HMAC_I.patch
++ bugfix/i915-restrict-DRM_I915_HWS_ADDR.patch
More information about the Kernel-svn-changes
mailing list