[kernel] r13740 - in dists/etch-security/linux-2.6/debian: . patches/bugfix/all patches/series

Dann Frazier dannf at alioth.debian.org
Sat Jun 6 16:10:59 UTC 2009 

Author: dannf
Date: Sat Jun  6 16:10:58 2009
New Revision: 13740

Log:
e1000: add missing length check to e1000 receive routine (CVE-2009-1385)

Added:
   dists/etch-security/linux-2.6/debian/patches/bugfix/all/e1000-add-missing-length-check-to-e1000-receive-routine.patch
      - copied, changed from r13739, dists/etch-security/linux-2.6.24/debian/patches/bugfix/all/e1000-add-missing-length-check-to-e1000-receive-routine.patch
   dists/etch-security/linux-2.6/debian/patches/series/24etch3
Modified:
   dists/etch-security/linux-2.6/debian/changelog

Modified: dists/etch-security/linux-2.6/debian/changelog
==============================================================================
--- dists/etch-security/linux-2.6/debian/changelog	Sat Jun  6 15:52:49 2009	(r13739)
+++ dists/etch-security/linux-2.6/debian/changelog	Sat Jun  6 16:10:58 2009	(r13740)
@@ -1,3 +1,9 @@
+linux-2.6 (2.6.18.dfsg.1-24etch3) UNRELEASED; urgency=high
+
+  * e1000: add missing length check to e1000 receive routine (CVE-2009-1385)
+
+ -- dann frazier <dannf at debian.org>  Sat, 06 Jun 2009 09:55:38 -0600
+
 linux-2.6 (2.6.18.dfsg.1-24etch2) oldstable-security; urgency=high
 
   * Fix mips FTBFS due to a missed rename of the mips-specific

Copied and modified: dists/etch-security/linux-2.6/debian/patches/bugfix/all/e1000-add-missing-length-check-to-e1000-receive-routine.patch (from r13739, dists/etch-security/linux-2.6.24/debian/patches/bugfix/all/e1000-add-missing-length-check-to-e1000-receive-routine.patch)
==============================================================================
--- dists/etch-security/linux-2.6.24/debian/patches/bugfix/all/e1000-add-missing-length-check-to-e1000-receive-routine.patch	Sat Jun  6 15:52:49 2009	(r13739, copy source)
+++ dists/etch-security/linux-2.6/debian/patches/bugfix/all/e1000-add-missing-length-check-to-e1000-receive-routine.patch	Sat Jun  6 16:10:58 2009	(r13740)
@@ -28,14 +28,15 @@
     Tested-by: Andy Gospodarek <andy at greyhouse.net>
     Signed-off-by: David S. Miller <davem at davemloft.net>
 
-diff --git a/drivers/net/e1000/e1000_main.c b/drivers/net/e1000/e1000_main.c
-index b1419e2..fffb006 100644
---- a/drivers/net/e1000/e1000_main.c
-+++ b/drivers/net/e1000/e1000_main.c
-@@ -4027,8 +4027,9 @@ static bool e1000_clean_rx_irq(struct e1000_adapter *adapter,
- 		                 PCI_DMA_FROMDEVICE);
+Adjusted to apply to Debian's 2.6.18 by dann frazier <dannf at debian.org>
+
+diff -urpN linux-source-2.6.18.orig/drivers/net/e1000/e1000_main.c linux-source-2.6.18/drivers/net/e1000/e1000_main.c
+--- linux-source-2.6.18.orig/drivers/net/e1000/e1000_main.c	2008-12-25 14:04:14.000000000 -0700
++++ linux-source-2.6.18/drivers/net/e1000/e1000_main.c	2009-06-06 10:00:41.000000000 -0600
+@@ -3680,8 +3680,9 @@ e1000_clean_rx_irq(struct e1000_adapter 
  
- 		length = le16_to_cpu(rx_desc->length);
+ 		/* adjust length to remove Ethernet CRC */
+ 		length -= 4;
 -
 -		if (unlikely(!(status & E1000_RXD_STAT_EOP))) {
 +		/* !EOP means multiple descriptors were used to store a single

Added: dists/etch-security/linux-2.6/debian/patches/series/24etch3
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ dists/etch-security/linux-2.6/debian/patches/series/24etch3	Sat Jun  6 16:10:58 2009	(r13740)
@@ -0,0 +1 @@
++ bugfix/all/e1000-add-missing-length-check-to-e1000-receive-routine.patch

More information about the Kernel-svn-changes mailing list