FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Ubuntu > Ubuntu Kernel Team

 
 
LinkBack Thread Tools
 
Old 06-13-2011, 10:58 AM
Andy Whitcroft
 
Default can: Add missing socket check in can/bcm release.

From: Dave Jones <davej@redhat.com>

We can get here with a NULL socket argument passed from userspace,
so we need to handle it accordingly.

Signed-off-by: Dave Jones <davej@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

(cherry picked from commit c6914a6f261aca0c9f715f883a353ae7ff51fe83)
CVE-2011-1598
BugLink: http://bugs.launchpad.net/bugs/796502
Signed-off-by: Andy Whitcroft <apw@canonical.com>
---
net/can/bcm.c | 7 ++++++-
1 files changed, 6 insertions(+), 1 deletions(-)

diff --git a/net/can/bcm.c b/net/can/bcm.c
index 9d5e8ac..56d20a2 100644
--- a/net/can/bcm.c
+++ b/net/can/bcm.c
@@ -1424,9 +1424,14 @@ static int bcm_init(struct sock *sk)
static int bcm_release(struct socket *sock)
{
struct sock *sk = sock->sk;
- struct bcm_sock *bo = bcm_sk(sk);
+ struct bcm_sock *bo;
struct bcm_op *op, *next;

+ if (sk == NULL)
+ return 0;
+
+ bo = bcm_sk(sk);
+
/* remove bcm_ops, timer, rx_unregister(), etc. */

unregister_netdevice_notifier(&bo->notifier);
--
1.7.4.1


--
kernel-team mailing list
kernel-team@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/kernel-team
 
Old 06-13-2011, 01:41 PM
Leann Ogasawara
 
Default can: Add missing socket check in can/bcm release.

On Mon, 2011-06-13 at 11:58 +0100, Andy Whitcroft wrote:
> From: Dave Jones <davej@redhat.com>
>
> We can get here with a NULL socket argument passed from userspace,
> so we need to handle it accordingly.
>
> Signed-off-by: Dave Jones <davej@redhat.com>
> Signed-off-by: David S. Miller <davem@davemloft.net>
>
> (cherry picked from commit c6914a6f261aca0c9f715f883a353ae7ff51fe83)
> CVE-2011-1598
> BugLink: http://bugs.launchpad.net/bugs/796502
> Signed-off-by: Andy Whitcroft <apw@canonical.com>

Acked-by: Leann Ogasawara <leann.ogasawara@canonical.com>

> ---
> net/can/bcm.c | 7 ++++++-
> 1 files changed, 6 insertions(+), 1 deletions(-)
>
> diff --git a/net/can/bcm.c b/net/can/bcm.c
> index 9d5e8ac..56d20a2 100644
> --- a/net/can/bcm.c
> +++ b/net/can/bcm.c
> @@ -1424,9 +1424,14 @@ static int bcm_init(struct sock *sk)
> static int bcm_release(struct socket *sock)
> {
> struct sock *sk = sock->sk;
> - struct bcm_sock *bo = bcm_sk(sk);
> + struct bcm_sock *bo;
> struct bcm_op *op, *next;
>
> + if (sk == NULL)
> + return 0;
> +
> + bo = bcm_sk(sk);
> +
> /* remove bcm_ops, timer, rx_unregister(), etc. */
>
> unregister_netdevice_notifier(&bo->notifier);
> --
> 1.7.4.1
>
>



--
kernel-team mailing list
kernel-team@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/kernel-team
 
Old 06-13-2011, 01:41 PM
Leann Ogasawara
 
Default can: Add missing socket check in can/bcm release.

On Mon, 2011-06-13 at 11:58 +0100, Andy Whitcroft wrote:
> From: Dave Jones <davej@redhat.com>
>
> We can get here with a NULL socket argument passed from userspace,
> so we need to handle it accordingly.
>
> Signed-off-by: Dave Jones <davej@redhat.com>
> Signed-off-by: David S. Miller <davem@davemloft.net>
>
> (cherry picked from commit c6914a6f261aca0c9f715f883a353ae7ff51fe83)
> CVE-2011-1598
> BugLink: http://bugs.launchpad.net/bugs/796502
> Signed-off-by: Andy Whitcroft <apw@canonical.com>

Acked-by: Leann Ogasawara <leann.ogasawara@canonical.com>

> ---
> net/can/bcm.c | 7 ++++++-
> 1 files changed, 6 insertions(+), 1 deletions(-)
>
> diff --git a/net/can/bcm.c b/net/can/bcm.c
> index 9d5e8ac..56d20a2 100644
> --- a/net/can/bcm.c
> +++ b/net/can/bcm.c
> @@ -1424,9 +1424,14 @@ static int bcm_init(struct sock *sk)
> static int bcm_release(struct socket *sock)
> {
> struct sock *sk = sock->sk;
> - struct bcm_sock *bo = bcm_sk(sk);
> + struct bcm_sock *bo;
> struct bcm_op *op, *next;
>
> + if (sk == NULL)
> + return 0;
> +
> + bo = bcm_sk(sk);
> +
> /* remove bcm_ops, timer, rx_unregister(), etc. */
>
> unregister_netdevice_notifier(&bo->notifier);
> --
> 1.7.4.1
>
>



--
kernel-team mailing list
kernel-team@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/kernel-team
 
Old 06-14-2011, 07:57 AM
Stefan Bader
 
Default can: Add missing socket check in can/bcm release.

On 13.06.2011 12:58, Andy Whitcroft wrote:
> From: Dave Jones <davej@redhat.com>
>
> We can get here with a NULL socket argument passed from userspace,
> so we need to handle it accordingly.
>
> Signed-off-by: Dave Jones <davej@redhat.com>
> Signed-off-by: David S. Miller <davem@davemloft.net>
>
> (cherry picked from commit c6914a6f261aca0c9f715f883a353ae7ff51fe83)
> CVE-2011-1598
> BugLink: http://bugs.launchpad.net/bugs/796502
> Signed-off-by: Andy Whitcroft <apw@canonical.com>
> ---
> net/can/bcm.c | 7 ++++++-
> 1 files changed, 6 insertions(+), 1 deletions(-)
>
> diff --git a/net/can/bcm.c b/net/can/bcm.c
> index 9d5e8ac..56d20a2 100644
> --- a/net/can/bcm.c
> +++ b/net/can/bcm.c
> @@ -1424,9 +1424,14 @@ static int bcm_init(struct sock *sk)
> static int bcm_release(struct socket *sock)
> {
> struct sock *sk = sock->sk;
> - struct bcm_sock *bo = bcm_sk(sk);
> + struct bcm_sock *bo;
> struct bcm_op *op, *next;
>
> + if (sk == NULL)
> + return 0;
> +
> + bo = bcm_sk(sk);
> +
> /* remove bcm_ops, timer, rx_unregister(), etc. */
>
> unregister_netdevice_notifier(&bo->notifier);

Acked-by: Stefan Bader <stefan.bader@canonical.com>

--
kernel-team mailing list
kernel-team@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/kernel-team
 
Old 06-14-2011, 08:25 AM
Andy Whitcroft
 
Default can: Add missing socket check in can/bcm release.

Applied to lucid/fsl-imx51, maverick, maverick/ti-omap4, and
natty/ti-omap4.

-apw

--
kernel-team mailing list
kernel-team@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/kernel-team
 

Thread Tools




All times are GMT. The time now is 12:40 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org