[kernel] r15156 - in dists/etch-security/linux-2.6.24/debian: . patches/bugfix/all patches/series

Dann Frazier dannf at alioth.debian.org
Mon Feb 15 20:05:52 UTC 2010 

Author: dannf
Date: Mon Feb 15 20:05:46 2010
New Revision: 15156

Log:
Fix potential crash with sys_move_pages (CVE-2010-0415)

Added:
   dists/etch-security/linux-2.6.24/debian/patches/bugfix/all/fix-potential-crash-with-sys_move_pages.patch
Modified:
   dists/etch-security/linux-2.6.24/debian/changelog
   dists/etch-security/linux-2.6.24/debian/patches/series/6~etchnhalf.9etch2

Modified: dists/etch-security/linux-2.6.24/debian/changelog
==============================================================================
--- dists/etch-security/linux-2.6.24/debian/changelog	Mon Feb 15 19:58:13 2010	(r15155)
+++ dists/etch-security/linux-2.6.24/debian/changelog	Mon Feb 15 20:05:46 2010	(r15156)
@@ -24,6 +24,7 @@
   * Fix several issues with mmap/mremap (CVE-2010-0291)
   * futex: Handle user space corruption gracefully (CVE-2010-0622)
   * connector: Delete buggy notification code. (CVE-2010-0410)
+  * Fix potential crash with sys_move_pages (CVE-2010-0415)
 
  -- dann frazier <dannf at debian.org>  Sun, 31 Jan 2010 17:17:52 -0700
 

Added: dists/etch-security/linux-2.6.24/debian/patches/bugfix/all/fix-potential-crash-with-sys_move_pages.patch
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ dists/etch-security/linux-2.6.24/debian/patches/bugfix/all/fix-potential-crash-with-sys_move_pages.patch	Mon Feb 15 20:05:46 2010	(r15156)
@@ -0,0 +1,26 @@
+commit 664d190d219b6f20063058f6ecdc950cbe54716e
+Author: dann frazier <dannf at hp.com>
+Date:   Sun Feb 14 13:30:59 2010 -0700
+
+    commit 6f5a55f1a6c5abee15a0e878e5c74d9f1569b8b0
+    Author: Linus Torvalds <torvalds at linux-foundation.org>
+    Date:   Fri Feb 5 16:16:50 2010 -0800
+    
+       Fix potential crash with sys_move_pages
+    
+    [Adjusted to apply to Debian's 2.6.24]
+
+diff --git a/mm/migrate.c b/mm/migrate.c
+index 9c89275..a552f4b 100644
+--- a/mm/migrate.c
++++ b/mm/migrate.c
+@@ -998,6 +998,9 @@ SYSCALL_DEFINE6(move_pages, pid_t, pid, unsigned long, nr_pages,
+ 				goto out;
+ 
+ 			err = -ENODEV;
++			if (node < 0 || node >= MAX_NUMNODES)
++				goto out;
++
+ 			if (!node_state(node, N_HIGH_MEMORY))
+ 				goto out;
+ 

Modified: dists/etch-security/linux-2.6.24/debian/patches/series/6~etchnhalf.9etch2
==============================================================================
--- dists/etch-security/linux-2.6.24/debian/patches/series/6~etchnhalf.9etch2	Mon Feb 15 19:58:13 2010	(r15155)
+++ dists/etch-security/linux-2.6.24/debian/patches/series/6~etchnhalf.9etch2	Mon Feb 15 20:05:46 2010	(r15156)
@@ -21,3 +21,4 @@
 + bugfix/all/futex-handle-user-space-corruption-gracefully.patch
 + bugfix/all/connector-delete-buggy-notification-code.patch
 + bugfix/all/mm-fix-uninitialized-vars-for-find_vma_prepare-callers.patch
++ bugfix/all/fix-potential-crash-with-sys_move_pages.patch

More information about the Kernel-svn-changes mailing list