[kernel] r14118 - in dists/etch-security/linux-2.6/debian: . patches/bugfix/all patches/series

Dann Frazier dannf at alioth.debian.org
Sun Aug 16 15:19:58 UTC 2009 

Author: dannf
Date: Sun Aug 16 15:19:56 2009
New Revision: 14118

Log:
net: fix possible NULL dereference in sock_sendpage() (CVE-2009-2692)

Added:
   dists/etch-security/linux-2.6/debian/patches/bugfix/all/net-fix-possible-NULL-dereference-in-sock_sendpage.patch
Modified:
   dists/etch-security/linux-2.6/debian/changelog
   dists/etch-security/linux-2.6/debian/patches/series/24etch3

Modified: dists/etch-security/linux-2.6/debian/changelog
==============================================================================
--- dists/etch-security/linux-2.6/debian/changelog	Sat Aug 15 21:11:28 2009	(r14117)
+++ dists/etch-security/linux-2.6/debian/changelog	Sun Aug 16 15:19:56 2009	(r14118)
@@ -1,11 +1,12 @@
-linux-2.6 (2.6.18.dfsg.1-24etch3) UNRELEASED; urgency=high
+linux-2.6 (2.6.18.dfsg.1-24etch3) oldstable-security; urgency=high
 
   * e1000: add missing length check to e1000 receive routine (CVE-2009-1385)
   * r8169: fix crash when large packets are received (CVE-2009-1389)
   * nfs4: fix MAY_EXEC handling (CVE-2009-1630)
   * cifs: fix several string conversion issues (CVE-2009-1633)
+  * net: fix possible NULL dereference in sock_sendpage() (CVE-2009-2692)
 
- -- dann frazier <dannf at debian.org>  Sat, 06 Jun 2009 09:55:38 -0600
+ -- dann frazier <dannf at debian.org>  Sat, 15 Aug 2009 11:13:20 -0600
 
 linux-2.6 (2.6.18.dfsg.1-24etch2) oldstable-security; urgency=high
 

Added: dists/etch-security/linux-2.6/debian/patches/bugfix/all/net-fix-possible-NULL-dereference-in-sock_sendpage.patch
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ dists/etch-security/linux-2.6/debian/patches/bugfix/all/net-fix-possible-NULL-dereference-in-sock_sendpage.patch	Sun Aug 16 15:19:56 2009	(r14118)
@@ -0,0 +1,13 @@
+diff -urpN a/net/socket.c b/net/socket.c
+--- a/net/socket.c	2009-08-15 10:42:05.000000000 -0600
++++ b/net/socket.c	2009-08-15 11:09:49.000000000 -0600
+@@ -698,6 +698,9 @@ static ssize_t sock_sendpage(struct file
+ 	if (more)
+ 		flags |= MSG_MORE;
+ 
++	if (!sock->ops->sendpage)
++		return sock_no_sendpage(sock, page, offset, size, flags);
++
+ 	return sock->ops->sendpage(sock, page, offset, size, flags);
+ }
+ 

Modified: dists/etch-security/linux-2.6/debian/patches/series/24etch3
==============================================================================
--- dists/etch-security/linux-2.6/debian/patches/series/24etch3	Sat Aug 15 21:11:28 2009	(r14117)
+++ dists/etch-security/linux-2.6/debian/patches/series/24etch3	Sun Aug 16 15:19:56 2009	(r14118)
@@ -4,3 +4,4 @@
 + bugfix/all/cifs-fix-oops-when-windows-server-sent-bad-domain-name-null-terminator.patch
 + bugfix/all/cifs-fix-unicode-string-area-word-alignment-in-session-setup.patch
 + bugfix/all/cifs-increase-size-of-tmp_buf-in-cifs_readdir-to-avoid-potential-overflows.patch
++ bugfix/all/net-fix-possible-NULL-dereference-in-sock_sendpage.patch

More information about the Kernel-svn-changes mailing list