[kernel] r14471 - in dists/lenny-security/linux-2.6/debian: . patches/bugfix/all patches/series

Dann Frazier dannf at alioth.debian.org
Wed Oct 28 03:37:29 UTC 2009 

Author: dannf
Date: Wed Oct 28 03:37:26 2009
New Revision: 14471

Log:
tc: Fix uninitialized kernel memory leak (CVE-2009-3228)

Added:
   dists/lenny-security/linux-2.6/debian/patches/bugfix/all/tc-fix-pad-leak.patch
   dists/lenny-security/linux-2.6/debian/patches/series/19lenny2
Modified:
   dists/lenny-security/linux-2.6/debian/changelog

Modified: dists/lenny-security/linux-2.6/debian/changelog
==============================================================================
--- dists/lenny-security/linux-2.6/debian/changelog	Wed Oct 28 01:27:56 2009	(r14470)
+++ dists/lenny-security/linux-2.6/debian/changelog	Wed Oct 28 03:37:26 2009	(r14471)
@@ -1,3 +1,9 @@
+linux-2.6 (2.6.26-19lenny2) UNRELEASED; urgency=high
+
+  * tc: Fix uninitialized kernel memory leak (CVE-2009-3228)
+
+ -- dann frazier <dannf at debian.org>  Tue, 27 Oct 2009 21:33:02 -0600
+
 linux-2.6 (2.6.26-19lenny1) stable-security; urgency=high
 
   * appletalk: Fix skb leak when ipddp interface is not loaded

Added: dists/lenny-security/linux-2.6/debian/patches/bugfix/all/tc-fix-pad-leak.patch
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ dists/lenny-security/linux-2.6/debian/patches/bugfix/all/tc-fix-pad-leak.patch	Wed Oct 28 03:37:26 2009	(r14471)
@@ -0,0 +1,26 @@
+commit 16ebb5e0b36ceadc8186f71d68b0c4fa4b6e781b
+Author: Eric Dumazet <eric.dumazet at gmail.com>
+Date:   Wed Sep 2 02:40:09 2009 +0000
+
+    tc: Fix unitialized kernel memory leak
+    
+    Three bytes of uninitialized kernel memory are currently leaked to user
+    
+    Signed-off-by: Eric Dumazet <eric.dumazet at gmail.com>
+    Reviewed-by: Jiri Pirko <jpirko at redhat.com>
+    Signed-off-by: David S. Miller <davem at davemloft.net>
+
+Adjusted to apply to Debian's 2.6.26 by dann frazier <dannf at debian.org>
+
+diff -urpN linux-source-2.6.26.orig/net/sched/sch_api.c linux-source-2.6.26/net/sched/sch_api.c
+--- linux-source-2.6.26.orig/net/sched/sch_api.c	2008-07-13 15:51:29.000000000 -0600
++++ linux-source-2.6.26/net/sched/sch_api.c	2009-10-27 21:31:09.000000000 -0600
+@@ -1080,6 +1080,8 @@ static int tc_fill_tclass(struct sk_buff
+ 	nlh = NLMSG_NEW(skb, pid, seq, event, sizeof(*tcm), flags);
+ 	tcm = NLMSG_DATA(nlh);
+ 	tcm->tcm_family = AF_UNSPEC;
++	tcm->tcm__pad1 = 0;
++	tcm->tcm__pad2 = 0;
+ 	tcm->tcm_ifindex = q->dev->ifindex;
+ 	tcm->tcm_parent = q->handle;
+ 	tcm->tcm_handle = q->handle;

Added: dists/lenny-security/linux-2.6/debian/patches/series/19lenny2
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ dists/lenny-security/linux-2.6/debian/patches/series/19lenny2	Wed Oct 28 03:37:26 2009	(r14471)
@@ -0,0 +1 @@
++ bugfix/all/tc-fix-pad-leak.patch

More information about the Kernel-svn-changes mailing list