[gentoo-commits] linux-patches r2296 - in genpatches-2.6/trunk: 3.5 3.6 - gentoo-commits

From:	"Tom Wijsman (tomwij)" <tomwij@g.o>
To:	gentoo-commits@l.g.o
Subject:	[gentoo-commits] linux-patches r2296 - in genpatches-2.6/trunk: 3.5 3.6
Date:	Thu, 28 Feb 2013 20:36:13
Message-Id:	`20130228203608.C55F52171D@flycatcher.gentoo.org`

1

Author: tomwij

2

Date: 2013-02-28 20:35:05 +0000 (Thu, 28 Feb 2013)

3

New Revision: 2296

4

5

Added:

6

   genpatches-2.6/trunk/3.5/1500_sock-diag-out-of-bounds.patch

7

   genpatches-2.6/trunk/3.6/1500_sock-diag-out-of-bounds.patch

8

Modified:

9

   genpatches-2.6/trunk/3.5/0000_README

10

   genpatches-2.6/trunk/3.6/0000_README

11

Log:

12

Backport of 1500_sock-diag-out-of-bounds.patch to branches 3.5 and 3.6, bug #459124. - (CVE-2013-1763) sock_diag: Fix out-of-bounds access to sock_diag_handlers[]

13

14

Modified: genpatches-2.6/trunk/3.5/0000_README

15

===================================================================

16

--- genpatches-2.6/trunk/3.5/0000_README	2013-02-28 20:10:34 UTC (rev 2295)

17

+++ genpatches-2.6/trunk/3.5/0000_README	2013-02-28 20:35:05 UTC (rev 2296)

18

@@ -68,6 +68,10 @@

19

 From:   http://www.kernel.org

20

 Desc:   Linux 3.5.7

21

22

+Patch:	1500_sock-diag-out-of-bounds.patch

23

+From:	http://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=commit;h=314561f4fe77ffad1b560a10cdfb3b6fdc731a74

24

+Desc:	(CVE-2013-1763) sock_diag: Fix out-of-bounds access to sock_diag_handlers[]

25

+

26

 Patch:  2400_kcopy-patch-for-infiniband-driver.patch

27

 From:   Alexey Shvetsov <alexxy@g.o>

28

 Desc:   Zero copy for infiniband psm userspace driver

29

30

Added: genpatches-2.6/trunk/3.5/1500_sock-diag-out-of-bounds.patch

31

===================================================================

32

--- genpatches-2.6/trunk/3.5/1500_sock-diag-out-of-bounds.patch	                        (rev 0)

33

+++ genpatches-2.6/trunk/3.5/1500_sock-diag-out-of-bounds.patch	2013-02-28 20:35:05 UTC (rev 2296)

34

@@ -0,0 +1,16 @@

35

+X-Git-Url: http://git.kernel.org/?p=linux%2Fkernel%2Fgit%2Fstable%2Flinux-stable.git;a=blobdiff_plain;f=net%2Fcore%2Fsock_diag.c;h=750f44f3aa3117b578af1377ff07abb79032a612;hp=602cd637182ebb321af6773d2ccfe9a8945d44c5;hb=314561f4fe77ffad1b560a10cdfb3b6fdc731a74;hpb=ca2656dccef64c437d6717468bffd3762b11816e

36

+

37

+diff --git a/net/core/sock_diag.c b/net/core/sock_diag.c

38

+index 602cd63..750f44f 100644

39

+--- a/net/core/sock_diag.c

40

++++ b/net/core/sock_diag.c

41

+@@ -121,6 +121,9 @@ static int __sock_diag_rcv_msg(struct sk_buff *skb, struct nlmsghdr *nlh)

42

+ 	if (nlmsg_len(nlh) < sizeof(*req))

43

+ 		return -EINVAL;

44

+

45

++	if (req->sdiag_family >= AF_MAX)

46

++		return -EINVAL;

47

++

48

+ 	hndl = sock_diag_lock_handler(req->sdiag_family);

49

+ 	if (hndl == NULL)

50

+ 		err = -ENOENT;

51

52

Modified: genpatches-2.6/trunk/3.6/0000_README

53

===================================================================

54

--- genpatches-2.6/trunk/3.6/0000_README	2013-02-28 20:10:34 UTC (rev 2295)

55

+++ genpatches-2.6/trunk/3.6/0000_README	2013-02-28 20:35:05 UTC (rev 2296)

56

@@ -83,6 +83,10 @@

57

 From:   http://www.kernel.org

58

 Desc:   Linux 3.6.11

59

60

+Patch:	1500_sock-diag-out-of-bounds.patch

61

+From:	http://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=commit;h=314561f4fe77ffad1b560a10cdfb3b6fdc731a74

62

+Desc:	(CVE-2013-1763) sock_diag: Fix out-of-bounds access to sock_diag_handlers[]

63

+

64

 Patch:  2400_kcopy-patch-for-infiniband-driver.patch

65

 From:   Alexey Shvetsov <alexxy@g.o>

66

 Desc:   Zero copy for infiniband psm userspace driver

67

68

Added: genpatches-2.6/trunk/3.6/1500_sock-diag-out-of-bounds.patch

69

===================================================================

70

--- genpatches-2.6/trunk/3.6/1500_sock-diag-out-of-bounds.patch	                        (rev 0)

71

+++ genpatches-2.6/trunk/3.6/1500_sock-diag-out-of-bounds.patch	2013-02-28 20:35:05 UTC (rev 2296)

72

@@ -0,0 +1,16 @@

73

+X-Git-Url: http://git.kernel.org/?p=linux%2Fkernel%2Fgit%2Fstable%2Flinux-stable.git;a=blobdiff_plain;f=net%2Fcore%2Fsock_diag.c;h=750f44f3aa3117b578af1377ff07abb79032a612;hp=602cd637182ebb321af6773d2ccfe9a8945d44c5;hb=314561f4fe77ffad1b560a10cdfb3b6fdc731a74;hpb=ca2656dccef64c437d6717468bffd3762b11816e

74

+

75

+diff --git a/net/core/sock_diag.c b/net/core/sock_diag.c

76

+index 602cd63..750f44f 100644

77

+--- a/net/core/sock_diag.c

78

++++ b/net/core/sock_diag.c

79

+@@ -121,6 +121,9 @@ static int __sock_diag_rcv_msg(struct sk_buff *skb, struct nlmsghdr *nlh)

80

+ 	if (nlmsg_len(nlh) < sizeof(*req))

81

+ 		return -EINVAL;

82

+

83

++	if (req->sdiag_family >= AF_MAX)

84

++		return -EINVAL;

85

++

86

+ 	hndl = sock_diag_lock_handler(req->sdiag_family);

87

+ 	if (hndl == NULL)

88

+ 		err = -ENOENT;

1	Author: tomwij
2	Date: 2013-02-28 20:35:05 +0000 (Thu, 28 Feb 2013)
3	New Revision: 2296
4
5	Added:
6	genpatches-2.6/trunk/3.5/1500_sock-diag-out-of-bounds.patch
7	genpatches-2.6/trunk/3.6/1500_sock-diag-out-of-bounds.patch
8	Modified:
9	genpatches-2.6/trunk/3.5/0000_README
10	genpatches-2.6/trunk/3.6/0000_README
11	Log:
12	Backport of 1500_sock-diag-out-of-bounds.patch to branches 3.5 and 3.6, bug #459124. - (CVE-2013-1763) sock_diag: Fix out-of-bounds access to sock_diag_handlers[]
13
14	Modified: genpatches-2.6/trunk/3.5/0000_README
15	===================================================================
16	--- genpatches-2.6/trunk/3.5/0000_README 2013-02-28 20:10:34 UTC (rev 2295)
17	+++ genpatches-2.6/trunk/3.5/0000_README 2013-02-28 20:35:05 UTC (rev 2296)
18	@@ -68,6 +68,10 @@
19	From: http://www.kernel.org
20	Desc: Linux 3.5.7
21
22	+Patch: 1500_sock-diag-out-of-bounds.patch
23	+From: http://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=commit;h=314561f4fe77ffad1b560a10cdfb3b6fdc731a74
24	+Desc: (CVE-2013-1763) sock_diag: Fix out-of-bounds access to sock_diag_handlers[]
25	+
26	Patch: 2400_kcopy-patch-for-infiniband-driver.patch
27	From: Alexey Shvetsov <alexxy@g.o>
28	Desc: Zero copy for infiniband psm userspace driver
29
30	Added: genpatches-2.6/trunk/3.5/1500_sock-diag-out-of-bounds.patch
31	===================================================================
32	--- genpatches-2.6/trunk/3.5/1500_sock-diag-out-of-bounds.patch (rev 0)
33	+++ genpatches-2.6/trunk/3.5/1500_sock-diag-out-of-bounds.patch 2013-02-28 20:35:05 UTC (rev 2296)
34	@@ -0,0 +1,16 @@
35	+X-Git-Url: http://git.kernel.org/?p=linux%2Fkernel%2Fgit%2Fstable%2Flinux-stable.git;a=blobdiff_plain;f=net%2Fcore%2Fsock_diag.c;h=750f44f3aa3117b578af1377ff07abb79032a612;hp=602cd637182ebb321af6773d2ccfe9a8945d44c5;hb=314561f4fe77ffad1b560a10cdfb3b6fdc731a74;hpb=ca2656dccef64c437d6717468bffd3762b11816e
36	+
37	+diff --git a/net/core/sock_diag.c b/net/core/sock_diag.c
38	+index 602cd63..750f44f 100644
39	+--- a/net/core/sock_diag.c
40	++++ b/net/core/sock_diag.c
41	+@@ -121,6 +121,9 @@ static int __sock_diag_rcv_msg(struct sk_buff skb, struct nlmsghdr nlh)
42	+ if (nlmsg_len(nlh) < sizeof(*req))
43	+ return -EINVAL;
44	+
45	++ if (req->sdiag_family >= AF_MAX)
46	++ return -EINVAL;
47	++
48	+ hndl = sock_diag_lock_handler(req->sdiag_family);
49	+ if (hndl == NULL)
50	+ err = -ENOENT;
51
52	Modified: genpatches-2.6/trunk/3.6/0000_README
53	===================================================================
54	--- genpatches-2.6/trunk/3.6/0000_README 2013-02-28 20:10:34 UTC (rev 2295)
55	+++ genpatches-2.6/trunk/3.6/0000_README 2013-02-28 20:35:05 UTC (rev 2296)
56	@@ -83,6 +83,10 @@
57	From: http://www.kernel.org
58	Desc: Linux 3.6.11
59
60	+Patch: 1500_sock-diag-out-of-bounds.patch
61	+From: http://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=commit;h=314561f4fe77ffad1b560a10cdfb3b6fdc731a74
62	+Desc: (CVE-2013-1763) sock_diag: Fix out-of-bounds access to sock_diag_handlers[]
63	+
64	Patch: 2400_kcopy-patch-for-infiniband-driver.patch
65	From: Alexey Shvetsov <alexxy@g.o>
66	Desc: Zero copy for infiniband psm userspace driver
67
68	Added: genpatches-2.6/trunk/3.6/1500_sock-diag-out-of-bounds.patch
69	===================================================================
70	--- genpatches-2.6/trunk/3.6/1500_sock-diag-out-of-bounds.patch (rev 0)
71	+++ genpatches-2.6/trunk/3.6/1500_sock-diag-out-of-bounds.patch 2013-02-28 20:35:05 UTC (rev 2296)
72	@@ -0,0 +1,16 @@
73	+X-Git-Url: http://git.kernel.org/?p=linux%2Fkernel%2Fgit%2Fstable%2Flinux-stable.git;a=blobdiff_plain;f=net%2Fcore%2Fsock_diag.c;h=750f44f3aa3117b578af1377ff07abb79032a612;hp=602cd637182ebb321af6773d2ccfe9a8945d44c5;hb=314561f4fe77ffad1b560a10cdfb3b6fdc731a74;hpb=ca2656dccef64c437d6717468bffd3762b11816e
74	+
75	+diff --git a/net/core/sock_diag.c b/net/core/sock_diag.c
76	+index 602cd63..750f44f 100644
77	+--- a/net/core/sock_diag.c
78	++++ b/net/core/sock_diag.c
79	+@@ -121,6 +121,9 @@ static int __sock_diag_rcv_msg(struct sk_buff skb, struct nlmsghdr nlh)
80	+ if (nlmsg_len(nlh) < sizeof(*req))
81	+ return -EINVAL;
82	+
83	++ if (req->sdiag_family >= AF_MAX)
84	++ return -EINVAL;
85	++
86	+ hndl = sock_diag_lock_handler(req->sdiag_family);
87	+ if (hndl == NULL)
88	+ err = -ENOENT;

Gentoo Archives: gentoo-commits