[kernel] r15157 - in dists/etch-security/linux-2.6/debian: . patches/bugfix/all patches/series

Dann Frazier dannf at alioth.debian.org
Tue Feb 16 01:33:37 UTC 2010 

Author: dannf
Date: Tue Feb 16 01:33:25 2010
New Revision: 15157

Log:
[SCSI] gdth: Prevent negative offsets in ioctl (CVE-2009-3080)

Added:
   dists/etch-security/linux-2.6/debian/patches/bugfix/all/gdth-prevent-negative-offsets-in-ioctl.patch
   dists/etch-security/linux-2.6/debian/patches/series/26etch2
Modified:
   dists/etch-security/linux-2.6/debian/changelog

Modified: dists/etch-security/linux-2.6/debian/changelog
==============================================================================
--- dists/etch-security/linux-2.6/debian/changelog	Mon Feb 15 20:05:46 2010	(r15156)
+++ dists/etch-security/linux-2.6/debian/changelog	Tue Feb 16 01:33:25 2010	(r15157)
@@ -1,3 +1,9 @@
+linux-2.6 (2.6.18.dfsg.1-26etch2) UNRELEASED; urgency=low
+
+  * [SCSI] gdth: Prevent negative offsets in ioctl (CVE-2009-3080)
+
+ -- dann frazier <dannf at debian.org>  Mon, 15 Feb 2010 18:32:14 -0700
+
 linux-2.6 (2.6.18.dfsg.1-26etch1) oldstable-security; urgency=high
 
   * [s390] Fix missing capability check in z90crypt driver (CVE-2009-1883)

Added: dists/etch-security/linux-2.6/debian/patches/bugfix/all/gdth-prevent-negative-offsets-in-ioctl.patch
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ dists/etch-security/linux-2.6/debian/patches/bugfix/all/gdth-prevent-negative-offsets-in-ioctl.patch	Tue Feb 16 01:33:25 2010	(r15157)
@@ -0,0 +1,24 @@
+commit 2da3654aafd41854277da3927be7af21c2be1e71
+Author: dann frazier <dannf at hp.com>
+Date:   Mon Feb 15 18:30:42 2010 -0700
+
+    [Adjusted to apply to Debian's 2.6.18]
+    commit 690e744869f3262855b83b4fb59199cf142765b0
+    Author: Dave Jones <davej at redhat.com>
+    Date:   Mon Oct 19 19:55:13 2009 -0400
+    
+        [SCSI] gdth: Prevent negative offsets in ioctl CVE-2009-3080
+
+diff --git a/drivers/scsi/gdth.c b/drivers/scsi/gdth.c
+index 7471696..1b79b5c 100644
+--- a/drivers/scsi/gdth.c
++++ b/drivers/scsi/gdth.c
+@@ -3347,7 +3347,7 @@ static int gdth_read_event(gdth_ha_str *ha, int handle, gdth_evt_str *estr)
+         eindex = handle;
+     estr->event_source = 0;
+ 
+-    if (eindex >= MAX_EVENTS) {
++    if (eindex < 0 || eindex >= MAX_EVENTS) {
+         spin_unlock_irqrestore(&ha->smp_lock, flags);
+         return eindex;
+     }

Added: dists/etch-security/linux-2.6/debian/patches/series/26etch2
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ dists/etch-security/linux-2.6/debian/patches/series/26etch2	Tue Feb 16 01:33:25 2010	(r15157)
@@ -0,0 +1 @@
++ bugfix/all/gdth-prevent-negative-offsets-in-ioctl.patch

More information about the Kernel-svn-changes mailing list