[kernel] r15062 - in dists/lenny-security/linux-2.6/debian: . patches/bugfix/all patches/series

Dann Frazier dannf at alioth.debian.org
Sat Jan 30 00:10:38 UTC 2010


Author: dannf
Date: Sat Jan 30 00:10:25 2010
New Revision: 15062

Log:
[SCSI] megaraid_sas: remove sysfs poll_mode_io world writeable
permissions (CVE-2009-3939)

Added:
   dists/lenny-security/linux-2.6/debian/patches/bugfix/all/megaraid_sas-remove-sysfs-poll_mode_io-world-writeable-perms.patch
Modified:
   dists/lenny-security/linux-2.6/debian/changelog
   dists/lenny-security/linux-2.6/debian/patches/series/21lenny1

Modified: dists/lenny-security/linux-2.6/debian/changelog
==============================================================================
--- dists/lenny-security/linux-2.6/debian/changelog	Fri Jan 29 00:31:47 2010	(r15061)
+++ dists/lenny-security/linux-2.6/debian/changelog	Sat Jan 30 00:10:25 2010	(r15062)
@@ -5,6 +5,8 @@
   * e1000: enhance frame fragment detection (CVE-2009-4536)
   * e1000e: enhance frame fragment detection (CVE-2009-4538)
   * Fix several issues with mmap/mremap (CVE-2010-0291)
+  * [SCSI] megaraid_sas: remove sysfs poll_mode_io world writeable
+    permissions (CVE-2009-3939)
  
   [ Ben Hutchings ]
   * kernel/signal.c: fix kernel information leak with print-fatal-signals=1

Added: dists/lenny-security/linux-2.6/debian/patches/bugfix/all/megaraid_sas-remove-sysfs-poll_mode_io-world-writeable-perms.patch
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ dists/lenny-security/linux-2.6/debian/patches/bugfix/all/megaraid_sas-remove-sysfs-poll_mode_io-world-writeable-perms.patch	Sat Jan 30 00:10:25 2010	(r15062)
@@ -0,0 +1,30 @@
+commit bb7d3f24c71e528989501617651b669fbed798cb
+Author: Bryn M. Reeves <bmr at redhat.com>
+Date:   Thu Nov 12 18:31:54 2009 +0000
+
+    [SCSI] megaraid_sas: remove sysfs poll_mode_io world writeable permissions
+    
+    /sys/bus/pci/drivers/megaraid_sas/poll_mode_io defaults to being
+    world-writable, which seems bad (letting any user affect kernel driver
+    behavior).
+    
+    This turns off group and user write permissions, so that on typical
+    production systems only root can write to it.
+    
+    Signed-off-by: Bryn M. Reeves <bmr at redhat.com>
+    Signed-off-by: Linus Torvalds <torvalds at linux-foundation.org>
+
+Adjusted to apply to Debian's 2.6.26 by dann frazier <dannf at debian.org>
+
+diff -urpN linux-source-2.6.26.orig/drivers/scsi/megaraid/megaraid_sas.c linux-source-2.6.26/drivers/scsi/megaraid/megaraid_sas.c
+--- linux-source-2.6.26.orig/drivers/scsi/megaraid/megaraid_sas.c	2009-12-26 01:14:58.000000000 -0700
++++ linux-source-2.6.26/drivers/scsi/megaraid/megaraid_sas.c	2010-01-29 16:58:48.000000000 -0700
+@@ -3347,7 +3347,7 @@ out:
+ 	return retval;
+ }
+ 
+-static DRIVER_ATTR(poll_mode_io, S_IRUGO|S_IWUGO,
++static DRIVER_ATTR(poll_mode_io, S_IRUGO|S_IWUSR,
+ 		megasas_sysfs_show_poll_mode_io,
+ 		megasas_sysfs_set_poll_mode_io);
+ 
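Review bot: The embedded commit message says the change "turns off group and user write permissions", but the modified line in the `@@ -3347,7 +3347,7 @@` hunk replaces `S_IWUGO` with `S_IWUSR`, which removes write access for group and other and keeps it for the owning user (root on a standard sysfs mount). The code is right and the description is imprecise. Since the upstream message is carried verbatim, a short clarification next to the "Adjusted to apply to Debian's 2.6.26" line would prevent a reader from concluding that owner write was dropped too. `S_IRUGO` is unchanged, so the attribute stays world-readable; that looks intentional for a mode flag, but it is worth stating. This hunk touches only `poll_mode_io`, so before closing the issue it would be good to check the remaining `DRIVER_ATTR` declarations in the 2.6.26 `megaraid_sas.c` for any other use of `S_IWUGO`.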

Modified: dists/lenny-security/linux-2.6/debian/patches/series/21lenny1
==============================================================================
--- dists/lenny-security/linux-2.6/debian/patches/series/21lenny1	Fri Jan 29 00:31:47 2010	(r15061)
+++ dists/lenny-security/linux-2.6/debian/patches/series/21lenny1	Sat Jan 30 00:10:25 2010	(r15062)
@@ -4,3 +4,4 @@
 + bugfix/all/e1000-enhance-frame-fragment-detection.patch
 + bugfix/all/e1000e-enhance-frame-fragment-detection.patch
 + bugfix/all/untangle-the-do_mremap-mess.patch
++ bugfix/all/megaraid_sas-remove-sysfs-poll_mode_io-world-writeable-perms.patch


