CAN-2004-1056 status at kernel.org ?

To: debian-security@lists.debian.org
Subject: CAN-2004-1056 status at kernel.org ?
From: Christophe Chisogne <christophe@publicityweb.com>
Date: Mon, 10 Jan 2005 13:03:23 +0100
Message-id: <[🔎] 41E26F0B.7050506@publicityweb.com>


A kernel vulnerability related to intel drms
(CAN-2004-1056 insufficient locking checks in DRM code),
has been reported by some vendors [5-7].

It seems to have been fixed in kernel-source-2.6.8-11,
and will be fixed by a backport to kernel-source-2.4.27-8
(also fixes CAN-2004-1235 about uselib) [1-3]

What's the status of that DRM bug at kernel.org :
is it included in some vanilla kernels (2.4 or 2.6)?
I dont see anything in kernel.org Changelogs, and only
found out a cset [4] that seems related.

Christophe

PS Some infos I found about this

From [1]
  * 121_drm-locking-checks-1.diff 121_drm-locking-checks-2.diff:
     [SECURITY] Fix insufficient locking checks in DRM code;
     CAN-2004-1056
     (Fabio M. Di Nitto, Dann Frazier, Simon Horman).
     (Closes: Bug#285563)

From [2]
The fix for CAN-2004-1056, added in 2.6.8-11, also applies to 2.4
however, I don't think it will compile, because 2.4 doesn't define the
LOCK_TEST_WITH_RETURN() in drmP.h.

From [3]
kernel-source-2.6.8 (2.6.8-11) unstable; urgency=high
  * [SECURITY] Fix insufficient locking checks in DRM code;
    CAN-2004-1056.  Thanks to Fabio M. Di Nitto (Andres Salomon).

From [4]
# ChangeSet
#   2004/11/11 22:23:44+11:00 airlied@starflyer.(none)
#   drm: in-correct locking in intel drms

[1] Changelog kernel-source2.4.27
http://svn.debian.org/wsvn/kernel/trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog?op=file&rev=0&sc=1

[2] Debian Bug report logs - #285563
kernel-source-2.4.27: drm locking fix missing in 2.4 kernels
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=285563

[3] Changelog kernel-source-2.6.8 (2.6.8-11)
http://packages.debian.org/changelogs/pool/main/k/kernel-source-2.6.8/kernel-source-2.6.8_2.6.8-11/changelog

[4] part of 2.6 changeset
http://kernel.org/pub/linux/kernel/v2.6/testing/cset/cset-airlied@starflyer.(none)|ChangeSet|20041111112344|59303.txt

[5] 2004-11-01
Security issue: insufficient locking checks in DRM code
https://bugs.freedesktop.org/show_bug.cgi?id=1803

[6] 2004-11-09
CAN-2004-1056 insufficient locking checks in DRM code
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=138534

[7] 2004-12-15
Bugzilla Bug 74464
Kernel Local X server DoS in DRM drivers (CAN-2004-1056)
http://bugs.gentoo.org/show_bug.cgi?id=74464

Reply to:

Prev by Date: unsubscribe
Next by Date: PLEASE NOTE: Brian Howe is away from the office
Previous by thread: Re: [PATCH] 2.4.28 and 2.6.10 PATCH FOR uselib() exploit
Next by thread: PLEASE NOTE: Brian Howe is away from the office
Index(es):
- Date
- Thread