[kernel] r15166 - in dists/etch-security/linux-2.6/debian: . patches/bugfix/all patches/series

Dann Frazier dannf at alioth.debian.org
Tue Feb 16 04:16:09 UTC 2010 

Author: dannf
Date: Tue Feb 16 04:16:07 2010
New Revision: 15166

Log:
fuse: prevent fuse_put_request on invalid pointer (CVE-2009-4021)

Added:
   dists/etch-security/linux-2.6/debian/patches/bugfix/all/fuse-prevent-fuse_put_request-on-invalid-pointer.patch
Modified:
   dists/etch-security/linux-2.6/debian/changelog
   dists/etch-security/linux-2.6/debian/patches/series/26etch2

Modified: dists/etch-security/linux-2.6/debian/changelog
==============================================================================
--- dists/etch-security/linux-2.6/debian/changelog	Tue Feb 16 03:45:59 2010	(r15165)
+++ dists/etch-security/linux-2.6/debian/changelog	Tue Feb 16 04:16:07 2010	(r15166)
@@ -5,6 +5,7 @@
     (CVE-2009-3726)
   * isdn: hfc_usb: Fix read buffer overflow (CVE-2009-4005)
   * hfs: fix a potential buffer overflow (CVE-2009-4020)
+  * fuse: prevent fuse_put_request on invalid pointer (CVE-2009-4021)
 
  -- dann frazier <dannf at debian.org>  Mon, 15 Feb 2010 18:32:14 -0700
 

Added: dists/etch-security/linux-2.6/debian/patches/bugfix/all/fuse-prevent-fuse_put_request-on-invalid-pointer.patch
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ dists/etch-security/linux-2.6/debian/patches/bugfix/all/fuse-prevent-fuse_put_request-on-invalid-pointer.patch	Tue Feb 16 04:16:07 2010	(r15166)
@@ -0,0 +1,25 @@
+commit d3b0f009da0c56490efe58279a7656a613a36b6a
+Author: dann frazier <dannf at hp.com>
+Date:   Mon Feb 15 21:11:56 2010 -0700
+
+    [Adjusted to apply to Debian's 2.6.18]
+    commit f60311d5f7670d9539b424e4ed8b5c0872fc9e83
+    Author: Anand V. Avati <avati at gluster.com>
+    Date:   Thu Oct 22 06:24:52 2009 -0700
+    
+        fuse: prevent fuse_put_request on invalid pointer
+
+diff --git a/fs/fuse/file.c b/fs/fuse/file.c
+index 4e174c8..b39ddee 100644
+--- a/fs/fuse/file.c
++++ b/fs/fuse/file.c
+@@ -586,7 +586,8 @@ static ssize_t fuse_direct_io(struct file *file, const char __user *buf,
+ 				break;
+ 		}
+ 	}
+-	fuse_put_request(fc, req);
++	if (!IS_ERR(req))
++		fuse_put_request(fc, req);
+ 	if (res > 0) {
+ 		if (write) {
+ 			spin_lock(&fc->lock);

Modified: dists/etch-security/linux-2.6/debian/patches/series/26etch2
==============================================================================
--- dists/etch-security/linux-2.6/debian/patches/series/26etch2	Tue Feb 16 03:45:59 2010	(r15165)
+++ dists/etch-security/linux-2.6/debian/patches/series/26etch2	Tue Feb 16 04:16:07 2010	(r15166)
@@ -2,3 +2,4 @@
 + bugfix/all/nfsv4-buggy-server-oops.patch
 + bugfix/all/isdn-hfc_usb-fix-read-buffer-overflow.patch
 + bugfix/all/hfs-fix-a-potential-buffer-overflow.patch
++ bugfix/all/fuse-prevent-fuse_put_request-on-invalid-pointer.patch

More information about the Kernel-svn-changes mailing list