[kernel] r13514 - in dists/lenny-security/linux-2.6/debian: . patches/bugfix/all patches/series
Dann Frazier
dannf at alioth.debian.org
Tue Apr 28 04:39:35 UTC 2009
Author: dannf
Date: Tue Apr 28 04:39:34 2009
New Revision: 13514
Log:
agp: zero pages before sending to userspace (CVE-2009-1192)
Added:
dists/lenny-security/linux-2.6/debian/patches/bugfix/all/agp-zero-pages-before-sending-to-userspace.patch
Modified:
dists/lenny-security/linux-2.6/debian/changelog
dists/lenny-security/linux-2.6/debian/patches/series/15lenny1
Modified: dists/lenny-security/linux-2.6/debian/changelog
==============================================================================
--- dists/lenny-security/linux-2.6/debian/changelog Tue Apr 28 04:22:54 2009 (r13513)
+++ dists/lenny-security/linux-2.6/debian/changelog Tue Apr 28 04:39:34 2009 (r13514)
@@ -14,6 +14,7 @@
* Make 'kill sig -1' only apply to caller's namespace (CVE-2009-1338)
* cifs: Fix memory overwrite when saving nativeFileSystem field during mount
(CVE-NEEDED)
+ * agp: zero pages before sending to userspace (CVE-2009-1192)
-- dann frazier <dannf at debian.org> Fri, 03 Apr 2009 19:12:51 -0600
Added: dists/lenny-security/linux-2.6/debian/patches/bugfix/all/agp-zero-pages-before-sending-to-userspace.patch
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ dists/lenny-security/linux-2.6/debian/patches/bugfix/all/agp-zero-pages-before-sending-to-userspace.patch Tue Apr 28 04:39:34 2009 (r13514)
@@ -0,0 +1,27 @@
+commit 59de2bebabc5027f93df999d59cc65df591c3e6e
+Author: Shaohua Li <shaohua.li at intel.com>
+Date: Mon Apr 20 10:08:35 2009 +1000
+
+ agp: zero pages before sending to userspace
+
+ AGP pages might be mapped into userspace finally, so the pages should be
+ set to zero before userspace can use it. Otherwise there is potential
+ information leakage.
+
+ Signed-off-by: Shaohua Li <shaohua.li at intel.com>
+ Signed-off-by: Dave Airlie <airlied at redhat.com>
+
+Backported to Debian's 2.6.26 by dann frazier <dannf at debian.org>
+
+diff -urpN linux-source-2.6.26.orig/drivers/char/agp/generic.c linux-source-2.6.26/drivers/char/agp/generic.c
+--- linux-source-2.6.26.orig/drivers/char/agp/generic.c 2008-07-13 15:51:29.000000000 -0600
++++ linux-source-2.6.26/drivers/char/agp/generic.c 2009-04-27 21:32:00.000000000 -0600
+@@ -1182,7 +1182,7 @@ void *agp_generic_alloc_page(struct agp_
+ {
+ struct page * page;
+
+- page = alloc_page(GFP_KERNEL | GFP_DMA32);
++ page = alloc_page(GFP_KERNEL | GFP_DMA32 | __GFP_ZERO);
+ if (page == NULL)
+ return NULL;
+
Modified: dists/lenny-security/linux-2.6/debian/patches/series/15lenny1
==============================================================================
--- dists/lenny-security/linux-2.6/debian/patches/series/15lenny1 Tue Apr 28 04:22:54 2009 (r13513)
+++ dists/lenny-security/linux-2.6/debian/patches/series/15lenny1 Tue Apr 28 04:39:34 2009 (r13514)
@@ -11,3 +11,4 @@
+ bugfix/all/cifs-fix-memory-overwrite-when-saving-nativeFileSystem-field-during-mount.patch
+ bugfix/all/cifs-fix-buffer-size-for-tcon-nativeFileSystem-field.patch
+ bugfix/all/cifs-remove-unneeded-bcc_ptr-update-in-CIFSTCon.patch
++ bugfix/all/agp-zero-pages-before-sending-to-userspace.patch
More information about the Kernel-svn-changes
mailing list