FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Ubuntu > Ubuntu Kernel Team

 
 
LinkBack Thread Tools
 
Old 06-13-2011, 10:58 AM
Andy Whitcroft
 
Default can: Add missing socket check in can/bcm release.

CVE-2011-1598
The bcm_release function in net/can/bcm.c in the Linux kernel
before 2.6.39-rc6 does not properly validate a socket data
structure, which allows local users to cause a denial of service
(NULL pointer dereference) or possibly have unspecified other
impact via a crafted release operation.

This is fixed by the upstream commit below:

commit c6914a6f261aca0c9f715f883a353ae7ff51fe83
Author: Dave Jones <davej@redhat.com>
Date: Tue Apr 19 20:36:59 2011 -0700

can: Add missing socket check in can/bcm release.

We can get here with a NULL socket argument passed from userspace,
so we need to handle it accordingly.

Signed-off-by: Dave Jones <davej@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

This commit has hit Lucid, Natty, and Oneric via mainline/stable updates.
Hardy is not affected as it does not have the can protocol. Lucid/ec2,
Lucid/mvl-dove, Maverick/mvl-dove, and Lucid/lts-backport-natty have all
received this fix via their parent. Fixes are therefore required for
Lucid/fsl-imx51, Maverick/master, Maverick/ti-omap4, and Natty/ti-omap4.

Following this email is a patch for all of the affected branches, this
is a clean cherry-pick from mainline.

Proposing for Lucid/fsl-imx51, Maverick/master, Maverick/ti-omap4,
and Natty/ti-omap4.

-apw

--
kernel-team mailing list
kernel-team@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/kernel-team
 
Old 06-13-2011, 11:09 AM
Andy Whitcroft
 
Default can: Add missing socket check in can/bcm release.

Please ignore, will resend with the appropriate flyer.

-apw

--
kernel-team mailing list
kernel-team@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/kernel-team
 

Thread Tools




All times are GMT. The time now is 01:07 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org