[kernel] r17614 - in dists/lenny-security/linux-2.6/debian: . patches/bugfix/all patches/series
Dann Frazier
dannf at alioth.debian.org
Mon Jun 6 03:30:24 UTC 2011
Author: dannf
Date: Mon Jun 6 03:30:23 2011
New Revision: 17614
Log:
fs/partitions/ldm.c: fix oops caused by corrupted partition table
(CVE-2011-1017)
Added:
dists/lenny-security/linux-2.6/debian/patches/bugfix/all/partitions-ldm-fix-oops-caused-by-corrupted-partition-table.patch
- copied, changed from r17590, dists/squeeze-security/linux-2.6/debian/patches/bugfix/all/partitions-ldm-fix-oops-caused-by-corrupted-partition-table.patch
Modified:
dists/lenny-security/linux-2.6/debian/changelog
dists/lenny-security/linux-2.6/debian/patches/series/26lenny3
Modified: dists/lenny-security/linux-2.6/debian/changelog
==============================================================================
--- dists/lenny-security/linux-2.6/debian/changelog Mon Jun 6 03:20:26 2011 (r17613)
+++ dists/lenny-security/linux-2.6/debian/changelog Mon Jun 6 03:30:23 2011 (r17614)
@@ -41,6 +41,8 @@
* [arm] 6891/1: prevent heap corruption in OABI semtimedop (CVE-2011-1759)
* gre: fix netns vs proto registration ordering (CVE-2011-1767)
* Validate size of EFI GUID partition entries (CVE-2011-1776)
+ * fs/partitions/ldm.c: fix oops caused by corrupted partition table
+ (CVE-2011-1017)
[ Ben Hutchings ]
* [vserver] Complete fix for CVE-2010-4243 (Closes: #618485)
Copied and modified: dists/lenny-security/linux-2.6/debian/patches/bugfix/all/partitions-ldm-fix-oops-caused-by-corrupted-partition-table.patch (from r17590, dists/squeeze-security/linux-2.6/debian/patches/bugfix/all/partitions-ldm-fix-oops-caused-by-corrupted-partition-table.patch)
==============================================================================
--- dists/squeeze-security/linux-2.6/debian/patches/bugfix/all/partitions-ldm-fix-oops-caused-by-corrupted-partition-table.patch Fri Jun 3 06:06:48 2011 (r17590, copy source)
+++ dists/lenny-security/linux-2.6/debian/patches/bugfix/all/partitions-ldm-fix-oops-caused-by-corrupted-partition-table.patch Mon Jun 6 03:30:23 2011 (r17614)
@@ -19,12 +19,12 @@
Cc: Richard Russon <rich at flatcap.org>
Signed-off-by: Andrew Morton <akpm at linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds at linux-foundation.org>
+ [dannf: backported to Debian's 2.6.26]
-diff --git a/fs/partitions/ldm.c b/fs/partitions/ldm.c
-index b10e354..ce4f624 100644
---- a/fs/partitions/ldm.c
-+++ b/fs/partitions/ldm.c
-@@ -1299,6 +1299,11 @@ static bool ldm_frag_add (const u8 *data, int size, struct list_head *frags)
+diff -urpN linux-source-2.6.26.orig/fs/partitions/ldm.c linux-source-2.6.26/fs/partitions/ldm.c
+--- linux-source-2.6.26.orig/fs/partitions/ldm.c 2008-07-13 15:51:29.000000000 -0600
++++ linux-source-2.6.26/fs/partitions/ldm.c 2011-06-05 21:23:22.003023825 -0600
+@@ -1294,6 +1294,11 @@ static bool ldm_frag_add (const u8 *data
BUG_ON (!data || !frags);
@@ -33,10 +33,10 @@
+ return false;
+ }
+
- group = get_unaligned_be32(data + 0x08);
- rec = get_unaligned_be16(data + 0x0C);
- num = get_unaligned_be16(data + 0x0E);
-@@ -1306,6 +1311,10 @@ static bool ldm_frag_add (const u8 *data, int size, struct list_head *frags)
+ group = BE32 (data + 0x08);
+ rec = BE16 (data + 0x0C);
+ num = BE16 (data + 0x0E);
+@@ -1301,6 +1306,10 @@ static bool ldm_frag_add (const u8 *data
ldm_error ("A VBLK claims to have %d parts.", num);
return false;
}
@@ -47,7 +47,7 @@
list_for_each (item, frags) {
f = list_entry (item, struct frag, list);
-@@ -1334,10 +1343,9 @@ found:
+@@ -1329,10 +1338,9 @@ found:
f->map |= (1 << rec);
Modified: dists/lenny-security/linux-2.6/debian/patches/series/26lenny3
==============================================================================
--- dists/lenny-security/linux-2.6/debian/patches/series/26lenny3 Mon Jun 6 03:20:26 2011 (r17613)
+++ dists/lenny-security/linux-2.6/debian/patches/series/26lenny3 Mon Jun 6 03:30:23 2011 (r17614)
@@ -39,3 +39,4 @@
+ bugfix/arm/prevent-heap-corruption-in-OABI-semtimedop.patch
+ bugfix/all/gre-fix-netns-vs-proto-registration-ordering.patch
+ bugfix/all/validate-size-of-efi-guid-partition-entries.patch
++ bugfix/all/partitions-ldm-fix-oops-caused-by-corrupted-partition-table.patch
More information about the Kernel-svn-changes
mailing list