[kernel] r13512 - in dists/etch-security/linux-2.6.24/debian: . patches/bugfix/all patches/series
Dann Frazier
dannf at alioth.debian.org
Tue Apr 28 04:19:05 UTC 2009
Author: dannf
Date: Tue Apr 28 04:19:04 2009
New Revision: 13512
Log:
agp: zero pages before sending to userspace (CVE-2009-1192)
Added:
dists/etch-security/linux-2.6.24/debian/patches/bugfix/all/agp-zero-pages-before-sending-to-userspace.patch
Modified:
dists/etch-security/linux-2.6.24/debian/changelog
dists/etch-security/linux-2.6.24/debian/patches/series/6~etchnhalf.8etch1
Modified: dists/etch-security/linux-2.6.24/debian/changelog
==============================================================================
--- dists/etch-security/linux-2.6.24/debian/changelog Mon Apr 27 19:58:24 2009 (r13511)
+++ dists/etch-security/linux-2.6.24/debian/changelog Tue Apr 28 04:19:04 2009 (r13512)
@@ -28,6 +28,7 @@
* KVM: VMX: Don't allow uninhibited access to EFER on i386 (CVE-2009-1242)
* exit_notify: kill the wrong capable(CAP_KILL) check (CVE-2009-1337)
* Make 'kill sig -1' only apply to caller's namespace (CVE-2009-1338)
+ * agp: zero pages before sending to userspace (CVE-2009-1192)
-- dann frazier <dannf at debian.org> Tue, 24 Feb 2009 23:25:36 -0700
Added: dists/etch-security/linux-2.6.24/debian/patches/bugfix/all/agp-zero-pages-before-sending-to-userspace.patch
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ dists/etch-security/linux-2.6.24/debian/patches/bugfix/all/agp-zero-pages-before-sending-to-userspace.patch Tue Apr 28 04:19:04 2009 (r13512)
@@ -0,0 +1,27 @@
+commit 59de2bebabc5027f93df999d59cc65df591c3e6e
+Author: Shaohua Li <shaohua.li at intel.com>
+Date: Mon Apr 20 10:08:35 2009 +1000
+
+ agp: zero pages before sending to userspace
+
+ AGP pages might be mapped into userspace finally, so the pages should be
+ set to zero before userspace can use it. Otherwise there is potential
+ information leakage.
+
+ Signed-off-by: Shaohua Li <shaohua.li at intel.com>
+ Signed-off-by: Dave Airlie <airlied at redhat.com>
+
+Backported to Debian's 2.6.24 by dann frazier <dannf at debian.org>
+
+diff -urpN linux-source-2.6.24.orig/drivers/char/agp/generic.c linux-source-2.6.24/drivers/char/agp/generic.c
+--- linux-source-2.6.24.orig/drivers/char/agp/generic.c 2008-01-24 15:58:37.000000000 -0700
++++ linux-source-2.6.24/drivers/char/agp/generic.c 2009-04-27 22:08:01.000000000 -0600
+@@ -1166,7 +1166,7 @@ void *agp_generic_alloc_page(struct agp_
+ {
+ struct page * page;
+
+- page = alloc_page(GFP_KERNEL | GFP_DMA32);
++ page = alloc_page(GFP_KERNEL | GFP_DMA32 | __GFP_ZERO);
+ if (page == NULL)
+ return NULL;
+
Modified: dists/etch-security/linux-2.6.24/debian/patches/series/6~etchnhalf.8etch1
==============================================================================
--- dists/etch-security/linux-2.6.24/debian/patches/series/6~etchnhalf.8etch1 Mon Apr 27 19:58:24 2009 (r13511)
+++ dists/etch-security/linux-2.6.24/debian/patches/series/6~etchnhalf.8etch1 Tue Apr 28 04:19:04 2009 (r13512)
@@ -82,3 +82,4 @@
+ bugfix/all/exit_notify-kill-wrong-CAP_KILL-check.patch
+ bugfix/all/limit_kill_sig_-1_to_callers_namespace.patch
+ bugfix/all/pid-extend+fix-pid_vnr.patch
++ bugfix/all/agp-zero-pages-before-sending-to-userspace.patch
More information about the Kernel-svn-changes
mailing list