[kernel] r14570 - in dists/etch-security/linux-2.6/debian: . patches/bugfix/all patches/series
Dann Frazier
dannf at alioth.debian.org
Thu Nov 5 02:42:38 UTC 2009
Author: dannf
Date: Thu Nov 5 02:42:37 2009
New Revision: 14570
Log:
fix information leak in llc_ui_getname (CVE-2009-3001)
Added:
dists/etch-security/linux-2.6/debian/patches/bugfix/all/net-llc-zero-sockaddr_llc-struct.patch
- copied unchanged from r14564, dists/etch-security/linux-2.6.24/debian/patches/bugfix/all/net-llc-zero-sockaddr_llc-struct.patch
Modified:
dists/etch-security/linux-2.6/debian/changelog
dists/etch-security/linux-2.6/debian/patches/series/26etch1
Modified: dists/etch-security/linux-2.6/debian/changelog
==============================================================================
--- dists/etch-security/linux-2.6/debian/changelog Thu Nov 5 02:33:41 2009 (r14569)
+++ dists/etch-security/linux-2.6/debian/changelog Thu Nov 5 02:42:37 2009 (r14570)
@@ -2,6 +2,7 @@
* [s390] Fix missing capability check in z90crypt driver (CVE-2009-1883)
* net ax25: Fix signed comparison in the sockopt handler (CVE-2009-2909)
+ * fix information leak in llc_ui_getname (CVE-2009-3001)
-- dann frazier <dannf at debian.org> Tue, 15 Sep 2009 22:19:58 -0600
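Review bot: The added changelog line "* fix information leak in llc_ui_getname (CVE-2009-3001)" carries no subsystem prefix, while the two entries above it start with "[s390]" and "net ax25:". Suggest wording such as "net llc: Fix information leak in llc_ui_getname (CVE-2009-3001)" so the entry matches its neighbours and can be found by subsystem.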
Copied: dists/etch-security/linux-2.6/debian/patches/bugfix/all/net-llc-zero-sockaddr_llc-struct.patch (from r14564, dists/etch-security/linux-2.6.24/debian/patches/bugfix/all/net-llc-zero-sockaddr_llc-struct.patch)
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ dists/etch-security/linux-2.6/debian/patches/bugfix/all/net-llc-zero-sockaddr_llc-struct.patch Thu Nov 5 02:42:37 2009 (r14570, copy of r14564, dists/etch-security/linux-2.6.24/debian/patches/bugfix/all/net-llc-zero-sockaddr_llc-struct.patch)
@@ -0,0 +1,24 @@
+commit 28e9fc592cb8c7a43e4d3147b38be6032a0e81bc
+Author: Jiri Slaby <jirislaby at gmail.com>
+Date: Sun Aug 23 22:55:51 2009 -0700
+
+ NET: llc, zero sockaddr_llc struct
+
+ sllc_arphrd member of sockaddr_llc might not be changed. Zero sllc
+ before copying to the above layer's structure.
+
+ Signed-off-by: Jiri Slaby <jirislaby at gmail.com>
+ Signed-off-by: David S. Miller <davem at davemloft.net>
+
+diff --git a/net/llc/af_llc.c b/net/llc/af_llc.c
+index 9208cf5..c45eee1 100644
+--- a/net/llc/af_llc.c
++++ b/net/llc/af_llc.c
+@@ -914,6 +914,7 @@ static int llc_ui_getname(struct socket *sock, struct sockaddr *uaddr,
+ struct llc_sock *llc = llc_sk(sk);
+ int rc = 0;
+
++ memset(&sllc, 0, sizeof(sllc));
+ lock_sock(sk);
+ if (sock_flag(sk, SOCK_ZAPPED))
+ goto out;
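Review bot: The patch header's description ("sllc_arphrd member of sockaddr_llc might not be changed") never states that this is an information leak and does not name CVE-2009-3001, which appears only in the commit log and the changelog. Since the single added line, memset(&sllc, 0, sizeof(sllc)), is the whole fix, a short line in the patch header tying it to the CVE would let someone reading the patch file on its own see why it is carried. The placement is fine: the memset sits before lock_sock(sk), so it also covers the early "goto out" taken for SOCK_ZAPPED sockets.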
Modified: dists/etch-security/linux-2.6/debian/patches/series/26etch1
==============================================================================
--- dists/etch-security/linux-2.6/debian/patches/series/26etch1 Thu Nov 5 02:33:41 2009 (r14569)
+++ dists/etch-security/linux-2.6/debian/patches/series/26etch1 Thu Nov 5 02:42:37 2009 (r14570)
@@ -1,2 +1,3 @@
+ bugfix/s390/z90crypt-missing-cap-check.patch
+ bugfix/all/net-ax25-fix-signed-comparison-in-the-sockopt-handler.patch
++ bugfix/all/net-llc-zero-sockaddr_llc-struct.patch
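Review bot: The new series entry enables a patch that the log says was copied unchanged from the linux-2.6.24 tree, and its hunk is anchored at line 914 of net/llc/af_llc.c. It would help to state in the commit log that the patch applies to this tree's af_llc.c without fuzz or offset, or to refresh the patch against this tree if it does not.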