[kernel] r14547 - in dists/etch-security/linux-2.6.24/debian: . patches/bugfix/all patches/series

Dann Frazier dannf at alioth.debian.org
Wed Nov 4 20:21:49 UTC 2009


Author: dannf
Date: Wed Nov  4 20:21:47 2009
New Revision: 14547

Log:
AF_UNIX: Fix deadlock on connecting to shutdown socket (CVE-2009-3621)

Added:
   dists/etch-security/linux-2.6.24/debian/patches/bugfix/all/af_unix-fix-deadlock-on-connecting-to-shutdown-socket.patch
      - copied, changed from r14544, dists/lenny-security/linux-2.6/debian/patches/bugfix/all/af_unix-fix-deadlock-on-connecting-to-shutdown-socket.patch
Modified:
   dists/etch-security/linux-2.6.24/debian/changelog
   dists/etch-security/linux-2.6.24/debian/patches/series/6~etchnhalf.8etch4

Modified: dists/etch-security/linux-2.6.24/debian/changelog
==============================================================================
--- dists/etch-security/linux-2.6.24/debian/changelog	Wed Nov  4 20:07:46 2009	(r14546)
+++ dists/etch-security/linux-2.6.24/debian/changelog	Wed Nov  4 20:21:47 2009	(r14547)
@@ -11,6 +11,7 @@
   * eCryptfs: Prevent lower dentry from going negative during unlink
     (CVE-2009-2908)
   * fs: pipe.c null pointer dereference (CVE-2009-3547)
+  * AF_UNIX: Fix deadlock on connecting to shutdown socket (CVE-2009-3621)
 
  -- dann frazier <dannf at debian.org>  Tue, 27 Oct 2009 22:41:25 -0600
 

Copied and modified: dists/etch-security/linux-2.6.24/debian/patches/bugfix/all/af_unix-fix-deadlock-on-connecting-to-shutdown-socket.patch (from r14544, dists/lenny-security/linux-2.6/debian/patches/bugfix/all/af_unix-fix-deadlock-on-connecting-to-shutdown-socket.patch)
==============================================================================
--- dists/lenny-security/linux-2.6/debian/patches/bugfix/all/af_unix-fix-deadlock-on-connecting-to-shutdown-socket.patch	Wed Nov  4 16:57:25 2009	(r14544, copy source)
+++ dists/etch-security/linux-2.6.24/debian/patches/bugfix/all/af_unix-fix-deadlock-on-connecting-to-shutdown-socket.patch	Wed Nov  4 20:21:47 2009	(r14547)
@@ -68,16 +68,17 @@
     Signed-off-by: Masanori Yoshida <masanori.yoshida.tv at hitachi.com>
     Signed-off-by: David S. Miller <davem at davemloft.net>
 
-diff --git a/net/unix/af_unix.c b/net/unix/af_unix.c
-index 51ab497..fc820cd 100644
---- a/net/unix/af_unix.c
-+++ b/net/unix/af_unix.c
-@@ -1074,6 +1074,8 @@ restart:
+Adjusted to apply to Debian's 2.6.24 by dann frazier <dannf at debian.org>
+
+diff -urpN linux-source-2.6.24.orig/net/unix/af_unix.c linux-source-2.6.24/net/unix/af_unix.c
+--- linux-source-2.6.24.orig/net/unix/af_unix.c	2008-01-24 15:58:37.000000000 -0700
++++ linux-source-2.6.24/net/unix/af_unix.c	2009-11-04 13:05:18.000000000 -0700
+@@ -1071,6 +1071,8 @@ restart:
  	err = -ECONNREFUSED;
  	if (other->sk_state != TCP_LISTEN)
  		goto out_unlock;
 +	if (other->sk_shutdown & RCV_SHUTDOWN)
 +		goto out_unlock;
  
- 	if (unix_recvq_full(other)) {
- 		err = -EAGAIN;
+ 	if (skb_queue_len(&other->sk_receive_queue) >
+ 	    other->sk_max_ack_backlog) {
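Review bot: the added "Adjusted to apply to Debian's 2.6.24" line does not say what was adjusted, so a later reader has to diff the lenny and etch copies of the patch to confirm the fix itself is unchanged. From this hunk, the differences are limited to the inner header (the git-style header and its `index 51ab497..fc820cd` line replaced by a `diff -urpN` header), the offset (1074 to 1071), and the trailing context, where `unix_recvq_full(other)` becomes the open-coded `skb_queue_len(&other->sk_receive_queue) > other->sk_max_ack_backlog` comparison. The two added lines testing `other->sk_shutdown & RCV_SHUTDOWN` are carried over as-is. Suggest extending the note to state that only context and offsets changed, and noting that the new check leaves through `out_unlock` with `err` still set to `-ECONNREFUSED`, since that is the result a caller connecting to a shut-down listener will now see.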

Modified: dists/etch-security/linux-2.6.24/debian/patches/series/6~etchnhalf.8etch4
==============================================================================
--- dists/etch-security/linux-2.6.24/debian/patches/series/6~etchnhalf.8etch4	Wed Nov  4 20:07:46 2009	(r14546)
+++ dists/etch-security/linux-2.6.24/debian/patches/series/6~etchnhalf.8etch4	Wed Nov  4 20:21:47 2009	(r14547)
@@ -6,3 +6,4 @@
 + bugfix/all/appletalk-fix-skb-leak-when-ipddp-interface-is-not-loaded.patch
 + bugfix/all/ecryptfs-prevent-lower-dentry-from-going-negative-during-unlink.patch
 + bugfix/all/fs-pipe-null-pointer-dereference.patch
++ bugfix/all/af_unix-fix-deadlock-on-connecting-to-shutdown-socket.patch


