[kernel] r15082 - in dists/etch-security/linux-2.6.24/debian: . patches/bugfix/all patches/series

Dann Frazier dannf at alioth.debian.org
Mon Feb 1 05:02:29 UTC 2010 

Author: dannf
Date: Mon Feb  1 05:02:25 2010
New Revision: 15082

Log:
kernel/signal.c: fix kernel information leak with print-fatal-signals=1
(CVE-2010-0003)

Added:
   dists/etch-security/linux-2.6.24/debian/patches/bugfix/all/signal-fix-information-leak-with-print-fatal-signals.patch
      - copied, changed from r15068, dists/lenny-security/linux-2.6/debian/patches/bugfix/all/signal-fix-information-leak-with-print-fatal-signals.patch
Modified:
   dists/etch-security/linux-2.6.24/debian/changelog
   dists/etch-security/linux-2.6.24/debian/patches/series/6~etchnhalf.9etch2

Modified: dists/etch-security/linux-2.6.24/debian/changelog
==============================================================================
--- dists/etch-security/linux-2.6.24/debian/changelog	Mon Feb  1 04:55:19 2010	(r15081)
+++ dists/etch-security/linux-2.6.24/debian/changelog	Mon Feb  1 05:02:25 2010	(r15082)
@@ -18,6 +18,8 @@
     (CVE-2009-4308)
   * e1000: enhance frame fragment detection (CVE-2009-4536)
   * e1000e: enhance frame fragment detection (CVE-2009-4538)
+  * kernel/signal.c: fix kernel information leak with print-fatal-signals=1
+    (CVE-2010-0003)
 
  -- dann frazier <dannf at debian.org>  Sun, 31 Jan 2010 17:17:52 -0700
 

Copied and modified: dists/etch-security/linux-2.6.24/debian/patches/bugfix/all/signal-fix-information-leak-with-print-fatal-signals.patch (from r15068, dists/lenny-security/linux-2.6/debian/patches/bugfix/all/signal-fix-information-leak-with-print-fatal-signals.patch)
==============================================================================
--- dists/lenny-security/linux-2.6/debian/patches/bugfix/all/signal-fix-information-leak-with-print-fatal-signals.patch	Sun Jan 31 21:26:06 2010	(r15068, copy source)
+++ dists/etch-security/linux-2.6.24/debian/patches/bugfix/all/signal-fix-information-leak-with-print-fatal-signals.patch	Mon Feb  1 05:02:25 2010	(r15082)
@@ -33,20 +33,18 @@
  kernel/signal.c |    3 ++-
  1 files changed, 2 insertions(+), 1 deletions(-)
 
-diff --git a/kernel/signal.c b/kernel/signal.c
-index de2b649..efcdc95 100644
---- a/kernel/signal.c
-+++ b/kernel/signal.c
-@@ -884,7 +884,8 @@ static void print_fatal_signal(struct pt_regs *regs, int signr)
+Backported to Debian's 2.6.24 by dann frazier <dannf at debian.org>
+
+diff -urpN linux-source-2.6.24.orig/kernel/signal.c linux-source-2.6.24/kernel/signal.c
+--- linux-source-2.6.24.orig/kernel/signal.c	2009-11-04 18:42:06.000000000 -0700
++++ linux-source-2.6.24/kernel/signal.c	2010-01-31 21:59:26.000000000 -0700
+@@ -739,7 +739,8 @@ static void print_fatal_signal(struct pt
  		for (i = 0; i < 16; i++) {
  			unsigned char insn;
  
--			__get_user(insn, (unsigned char *)(regs->ip + i));
-+			if (get_user(insn, (unsigned char *)(regs->ip + i)))
+-			__get_user(insn, (unsigned char *)(regs->eip + i));
++			if (get_user(insn, (unsigned char *)(regs->eip + i)))
 +				break;
  			printk("%02x ", insn);
  		}
  	}
--- 
-1.6.6
-

Modified: dists/etch-security/linux-2.6.24/debian/patches/series/6~etchnhalf.9etch2
==============================================================================
--- dists/etch-security/linux-2.6.24/debian/patches/series/6~etchnhalf.9etch2	Mon Feb  1 04:55:19 2010	(r15081)
+++ dists/etch-security/linux-2.6.24/debian/patches/series/6~etchnhalf.9etch2	Mon Feb  1 05:02:25 2010	(r15082)
@@ -15,3 +15,4 @@
 + bugfix/all/ext4-avoid-null-pointer-deref-when-decoding-EROFS-wo-a-journal.patch
 + bugfix/all/e1000-enhance-frame-fragment-detection.patch
 + bugfix/all/e1000e-enhance-frame-fragment-detection.patch
++ bugfix/all/signal-fix-information-leak-with-print-fatal-signals.patch

More information about the Kernel-svn-changes mailing list