2.6.13.2: Was: Two more kernel related DoS vulnerabilities

To: Moritz Muehlenhoff <jmm@inutil.org>
Cc: debian-kernel@lists.debian.org, secure-testing-team@lists.alioth.debian.org, team@security.debian.org
Subject: 2.6.13.2: Was: Two more kernel related DoS vulnerabilities
From: Horms <horms@debian.org>
Date: Tue, 20 Sep 2005 19:22:27 +0900
Message-id: <[🔎] 20050920102226.GA20605@verge.net.au>
Mail-followup-to: Moritz Muehlenhoff <jmm@inutil.org>, debian-kernel@lists.debian.org, secure-testing-team@lists.alioth.debian.org, team@security.debian.org
In-reply-to: <[🔎] 20050915083106.GA5475@informatik.uni-bremen.de>
References: <[🔎] 20050915083106.GA5475@informatik.uni-bremen.de>

On Thu, Sep 15, 2005 at 10:31:06AM +0200, Moritz Muehlenhoff wrote:
> Hi Horms,
> two more potential local DoS issues from the current review round
> of patches for the next .13 stable release:

Thanks,

sorry to be a bit slow. These showed up in 2.6.13.2 which I ended
up getting to before your message. They are now included in
SVN for 2.6.12 and 2.6.13. I'll look into 2.6.8 and 2.4.27 a bit later.

In the mean time, here is my breakdown of 2.6.13.2
I didn't see anything that looked like a security
problem, other than the two you already pointed out.
Could we get some CAN numbers happening for them?

-- 
Horms

2.6.13.2
URL: http://www.kernel.org/git/?p=linux/kernel/git/chrisw/stable-queue.git;a=tree;h=0a3c0657b4270443336144ae79b095240e6aedea;hb=f15e7ac28ffe32c1e0e07d41fe792bac02913713;f=2.6.13.2

Description: [SECURITY] lost fput in 32bit ioctl on x86-64
File: lost-fput-in-32bit-ioctl-on-x86-64.patch
Security: Yes; local DoS
2.6.12: applied

Description: [SECURITY] lost sockfd_put() in routing_ioctl()
File: lost-sockfd_put-in-32bit-compat-routing_ioctl.patch
Security: Yes; local DoS
2.6.12: applied

Description: forcedeth: Initialize link settings in every nv_open()
File: forcedeth-init-link-settings-in-nv_open.patch
Security: No
2.6.12: applied

Description: hpt366: write the full 4 bytes of ROM address, not just low 1 byte
File: hpt366-write-dword-not-byte-for-ROM-resource.patch
Security: No
2.6.12: not applicable; seems to have been introduced between 2.6.12 and 2.6.13

Description: Sun GEM ethernet: enable and map PCI ROM properly
File: sungem-enable-and-map-pci-rom-properly.patch
Security: No
2.6.12: applied; #322734

Description: Sun HME: enable and map PCI ROM properly
File: sunhme-enable-and-map-pci-rom-properly.patch
Security: No
2.6.12: applied

Description: Sun HME: enable and map PCI ROM properly
File: sunhme-enable-and-map-pci-rom-properly.patch
Security: No
2.6.12: applied

Description: Fix DHCP + MASQUERADE problem
File: netfilter-fix-dhcp-masquerade-problem.patch
Security: No
2.6.12: not applicable; introduced between 2.6.12 and 2.6.13

Description: jfs_delete_inode must call clear_inode
File: jfs_delete_inode-must-call-clear_inode.patch
Security: No
2.6.12: not applicable; introduced between 2.6.12 and 2.6.13

Description: Fix MPOL_F_VERIFY
File: fix-MPOL_F_VERIFY.patch
Security: No
2.6.12: applied; backported to use verify_pages() instead of check_pgd_range()
                 Alternative is to pre-patch with
		 91612e0df20a52f61db3cac280c153311b36df7a from upstream,
		 but it is rather large

Description: Fix up more strange byte writes to the PCI_ROM_ADDRESS config word
File: fix-more-byte-to-dword-writes-to-PCI_ROM_ADDRESS-config-word.patch
Security: No
2.6.12: applied

Description: USB: ftdi_sio: custom baud rate fix
File: usb-ftdi_sio-baud-fix.patch
Security: No
2.6.12: not applicable; introduced between 2.6.12 and 2.6.13

Reply to:

References:
- Two more kernel related DoS vulnerabilities
  - From: Moritz Muehlenhoff <jmm@inutil.org>

Prev by Date: Processed: Re: Bug#322734: patch?
Next by Date: Re: 2.6.12-7 upload ? How far away is 2.6.13-1 ?
Previous by thread: Two more kernel related DoS vulnerabilities
Next by thread: Re: [Secure-testing-team] kernel update
Index(es):
- Date
- Thread