[kernel] r14544 - in dists/lenny-security/linux-2.6/debian: . patches/bugfix/all patches/series

Wed Nov 4 16:57:27 UTC 2009

Author: dannf
Date: Wed Nov  4 16:57:25 2009
New Revision: 14544

Log:
uvesafb/connector: Disallow unpliviged users to send netlink packets
(CVE-2009-3725)

Added:
   dists/lenny-security/linux-2.6/debian/patches/bugfix/all/uvesafb+connector-disallow-unprivileged-users-to-send-netlink-packets.patch
Modified:
   dists/lenny-security/linux-2.6/debian/changelog
   dists/lenny-security/linux-2.6/debian/patches/series/19lenny2

Modified: dists/lenny-security/linux-2.6/debian/changelog
==============================================================================

--- dists/lenny-security/linux-2.6/debian/changelog	Wed Nov  4 16:54:45 2009	(r14543)
+++ dists/lenny-security/linux-2.6/debian/changelog	Wed Nov  4 16:57:25 2009	(r14544)
@@ -8,6 +8,8 @@
   * AF_UNIX: Fix deadlock on connecting to shutdown socket (CVE-2009-3621)
   * fs: pipe.c null pointer dereference (CVE-2009-3547)
   * KVM: Prevent overflow in KVM_GET_SUPPORTED_CPUID (CVE-2009-3638)
+  * uvesafb/connector: Disallow unpliviged users to send netlink packets
+    (CVE-2009-3725)
 
  -- dann frazier <dannf at debian.org>  Tue, 27 Oct 2009 21:33:02 -0600
 

Added: dists/lenny-security/linux-2.6/debian/patches/bugfix/all/uvesafb+connector-disallow-unprivileged-users-to-send-netlink-packets.patch
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ dists/lenny-security/linux-2.6/debian/patches/bugfix/all/uvesafb+connector-disallow-unprivileged-users-to-send-netlink-packets.patch	Wed Nov  4 16:57:25 2009	(r14544)
@@ -0,0 +1,23 @@
+commit cc44578b5a508889beb8ae3ccd4d2bbdf17bc86c
+Author: Philipp Reisner <philipp.reisner at linbit.com>
+Date:   Fri Oct 2 02:40:11 2009 +0000
+
+    uvesafb/connector: Disallow unpliviged users to send netlink packets
+    
+    Signed-off-by: Philipp Reisner <philipp.reisner at linbit.com>
+    Signed-off-by: David S. Miller <davem at davemloft.net>
+
+diff --git a/drivers/video/uvesafb.c b/drivers/video/uvesafb.c
+index aa7cd95..e35232a 100644
+--- a/drivers/video/uvesafb.c
++++ b/drivers/video/uvesafb.c
+@@ -72,6 +72,9 @@ static void uvesafb_cn_callback(struct cn_msg *msg, struct netlink_skb_parms *ns
+ 	struct uvesafb_task *utask;
+ 	struct uvesafb_ktask *task;
+ 
++	if (!cap_raised(nsp->eff_cap, CAP_SYS_ADMIN))
++		return;
++
+ 	if (msg->seq >= UVESAFB_TASKS_MAX)
+ 		return;
+ 

Modified: dists/lenny-security/linux-2.6/debian/patches/series/19lenny2
==============================================================================
--- dists/lenny-security/linux-2.6/debian/patches/series/19lenny2	Wed Nov  4 16:54:45 2009	(r14543)
+++ dists/lenny-security/linux-2.6/debian/patches/series/19lenny2	Wed Nov  4 16:57:25 2009	(r14544)
@@ -5,3 +5,4 @@
 + bugfix/all/af_unix-fix-deadlock-on-connecting-to-shutdown-socket.patch
 + bugfix/all/fs-pipe-null-pointer-dereference.patch
 + bugfix/x86/kvm-prevent-overflow-in-KVM_GET_SUPPORTED_CPUID.patch
++ bugfix/all/uvesafb+connector-disallow-unprivileged-users-to-send-netlink-packets.patch

