[kernel] r15082 - in dists/etch-security/linux-2.6.24/debian: . patches/bugfix/all patches/series
Dann Frazier
dannf at alioth.debian.org
Mon Feb 1 05:02:29 UTC 2010
Author: dannf
Date: Mon Feb 1 05:02:25 2010
New Revision: 15082
Log:
kernel/signal.c: fix kernel information leak with print-fatal-signals=1
(CVE-2010-0003)
Added:
dists/etch-security/linux-2.6.24/debian/patches/bugfix/all/signal-fix-information-leak-with-print-fatal-signals.patch
- copied, changed from r15068, dists/lenny-security/linux-2.6/debian/patches/bugfix/all/signal-fix-information-leak-with-print-fatal-signals.patch
Modified:
dists/etch-security/linux-2.6.24/debian/changelog
dists/etch-security/linux-2.6.24/debian/patches/series/6~etchnhalf.9etch2
Modified: dists/etch-security/linux-2.6.24/debian/changelog
==============================================================================
--- dists/etch-security/linux-2.6.24/debian/changelog Mon Feb 1 04:55:19 2010 (r15081)
+++ dists/etch-security/linux-2.6.24/debian/changelog Mon Feb 1 05:02:25 2010 (r15082)
@@ -18,6 +18,8 @@
(CVE-2009-4308)
* e1000: enhance frame fragment detection (CVE-2009-4536)
* e1000e: enhance frame fragment detection (CVE-2009-4538)
+ * kernel/signal.c: fix kernel information leak with print-fatal-signals=1
+ (CVE-2010-0003)
-- dann frazier <dannf at debian.org> Sun, 31 Jan 2010 17:17:52 -0700
Copied and modified: dists/etch-security/linux-2.6.24/debian/patches/bugfix/all/signal-fix-information-leak-with-print-fatal-signals.patch (from r15068, dists/lenny-security/linux-2.6/debian/patches/bugfix/all/signal-fix-information-leak-with-print-fatal-signals.patch)
==============================================================================
--- dists/lenny-security/linux-2.6/debian/patches/bugfix/all/signal-fix-information-leak-with-print-fatal-signals.patch Sun Jan 31 21:26:06 2010 (r15068, copy source)
+++ dists/etch-security/linux-2.6.24/debian/patches/bugfix/all/signal-fix-information-leak-with-print-fatal-signals.patch Mon Feb 1 05:02:25 2010 (r15082)
@@ -33,20 +33,18 @@
kernel/signal.c | 3 ++-
1 files changed, 2 insertions(+), 1 deletions(-)
-diff --git a/kernel/signal.c b/kernel/signal.c
-index de2b649..efcdc95 100644
---- a/kernel/signal.c
-+++ b/kernel/signal.c
-@@ -884,7 +884,8 @@ static void print_fatal_signal(struct pt_regs *regs, int signr)
+Backported to Debian's 2.6.24 by dann frazier <dannf at debian.org>
+
+diff -urpN linux-source-2.6.24.orig/kernel/signal.c linux-source-2.6.24/kernel/signal.c
+--- linux-source-2.6.24.orig/kernel/signal.c 2009-11-04 18:42:06.000000000 -0700
++++ linux-source-2.6.24/kernel/signal.c 2010-01-31 21:59:26.000000000 -0700
+@@ -739,7 +739,8 @@ static void print_fatal_signal(struct pt
for (i = 0; i < 16; i++) {
unsigned char insn;
-- __get_user(insn, (unsigned char *)(regs->ip + i));
-+ if (get_user(insn, (unsigned char *)(regs->ip + i)))
+- __get_user(insn, (unsigned char *)(regs->eip + i));
++ if (get_user(insn, (unsigned char *)(regs->eip + i)))
+ break;
printk("%02x ", insn);
}
}
---
-1.6.6
-
Modified: dists/etch-security/linux-2.6.24/debian/patches/series/6~etchnhalf.9etch2
==============================================================================
--- dists/etch-security/linux-2.6.24/debian/patches/series/6~etchnhalf.9etch2 Mon Feb 1 04:55:19 2010 (r15081)
+++ dists/etch-security/linux-2.6.24/debian/patches/series/6~etchnhalf.9etch2 Mon Feb 1 05:02:25 2010 (r15082)
@@ -15,3 +15,4 @@
+ bugfix/all/ext4-avoid-null-pointer-deref-when-decoding-EROFS-wo-a-journal.patch
+ bugfix/all/e1000-enhance-frame-fragment-detection.patch
+ bugfix/all/e1000e-enhance-frame-fragment-detection.patch
++ bugfix/all/signal-fix-information-leak-with-print-fatal-signals.patch
More information about the Kernel-svn-changes
mailing list