
07-04-2011 10:03 AM

More CVEs
 
From: Paolo Pisati <paolo.pisati@canonical.com>

All from lucid/master, proper buglink and kteam acks inside.

Dave Airlie (1):
drm: fix unsigned vs signed comparison issue in modeset ctl ioctl,
CVE-2011-1013

Oleg Nesterov (1):
exec: copy-and-paste the fixes into compat_do_execve() paths -
CVE-2010-NNN3

Paolo Pisati (1):
net: Limit socket I/O iovec total length to INT_MAX - CVE-2010-3859

Timo Warns (1):
fs/partitions: Validate map_count in Mac partition tables -
CVE-2011-1010

drivers/gpu/drm/drm_irq.c | 3 ++-
fs/compat.c | 28 +++++++++++++++-------------
fs/exec.c | 8 ++++----
fs/partitions/mac.c | 17 +++++++++--------
include/drm/drmP.h | 2 +-
include/linux/binfmts.h | 4 ++++
net/compat.c | 10 ++++++----
net/core/iovec.c | 15 +++++++--------
8 files changed, 48 insertions(+), 39 deletions(-)

--
1.7.4.1


--
kernel-team mailing list
kernel-team@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/kernel-team

07-04-2011 10:08 AM

More CVEs
 
From: Paolo Pisati <paolo.pisati@canonical.com>

All from maverick/master, proper buglink and kteam acks inside.

Dave Airlie (1):
drm: fix unsigned vs signed comparison issue in modeset ctl ioctl
CVE-2011-1013

Oleg Nesterov (1):
exec: copy-and-paste the fixes into compat_do_execve() paths
CVE-2010-NNN3

Timo Warns (1):
fs/partitions: Validate map_count in Mac partition tables
CVE-2011-1010

Vasiliy Kulikov (1):
net: don't allow CAP_NET_ADMIN to load non-netdev kernel modules
CVE-2011-1019

drivers/gpu/drm/drm_irq.c | 3 ++-
fs/compat.c | 28 +++++++++++++++-------------
fs/exec.c | 8 ++++----
fs/partitions/mac.c | 17 +++++++++--------
include/drm/drmP.h | 2 +-
include/linux/binfmts.h | 4 ++++
include/linux/netdevice.h | 4 ++++
net/core/dev.c | 13 ++++++++++---
net/ipv4/ip_gre.c | 1 +
net/ipv4/ipip.c | 1 +
net/ipv6/sit.c | 2 +-
11 files changed, 52 insertions(+), 31 deletions(-)

--
1.7.4.1



Stefan Bader 07-04-2011 04:29 PM

More CVEs
 
On 04.07.2011 12:08, paolo.pisati@canonical.com wrote:
> From: Paolo Pisati <paolo.pisati@canonical.com>
>
> All from maverick/master, proper buglink and kteam acks inside.
>
> Dave Airlie (1):
> drm: fix unsigned vs signed comparison issue in modeset ctl ioctl
> CVE-2011-1013
>
> Oleg Nesterov (1):
> exec: copy-and-paste the fixes into compat_do_execve() paths
> CVE-2010-NNN3
>
> Timo Warns (1):
> fs/partitions: Validate map_count in Mac partition tables
> CVE-2011-1010
>
> Vasiliy Kulikov (1):
> net: don't allow CAP_NET_ADMIN to load non-netdev kernel modules
> CVE-2011-1019
>
> drivers/gpu/drm/drm_irq.c | 3 ++-
> fs/compat.c | 28 +++++++++++++++-------------
> fs/exec.c | 8 ++++----
> fs/partitions/mac.c | 17 +++++++++--------
> include/drm/drmP.h | 2 +-
> include/linux/binfmts.h | 4 ++++
> include/linux/netdevice.h | 4 ++++
> net/core/dev.c | 13 ++++++++++---
> net/ipv4/ip_gre.c | 1 +
> net/ipv4/ipip.c | 1 +
> net/ipv6/sit.c | 2 +-
> 11 files changed, 52 insertions(+), 31 deletions(-)
>

Beside the NNN3 (check for 4243 and whether all parts are there) it looks ok

Acked-by: Stefan Bader <stefan.bader@canonical.com>


Stefan Bader 07-04-2011 04:32 PM

More CVEs
 
On 04.07.2011 12:03, paolo.pisati@canonical.com wrote:
> From: Paolo Pisati <paolo.pisati@canonical.com>
>
> All from lucid/master, proper buglink and kteam acks inside.
>
> Dave Airlie (1):
> drm: fix unsigned vs signed comparison issue in modeset ctl ioctl,
> CVE-2011-1013
>
> Oleg Nesterov (1):
> exec: copy-and-paste the fixes into compat_do_execve() paths -
> CVE-2010-NNN3
>
> Paolo Pisati (1):
> net: Limit socket I/O iovec total length to INT_MAX - CVE-2010-3859
>
> Timo Warns (1):
> fs/partitions: Validate map_count in Mac partition tables -
> CVE-2011-1010
>
> drivers/gpu/drm/drm_irq.c | 3 ++-
> fs/compat.c | 28 +++++++++++++++-------------
> fs/exec.c | 8 ++++----
> fs/partitions/mac.c | 17 +++++++++--------
> include/drm/drmP.h | 2 +-
> include/linux/binfmts.h | 4 ++++
> net/compat.c | 10 ++++++----
> net/core/iovec.c | 15 +++++++--------
> 8 files changed, 48 insertions(+), 39 deletions(-)
>

Beside comment of NNN3

Acked-by: Stefan Bader <stefan.bader@canonical.com>


Andy Whitcroft 07-04-2011 04:39 PM

More CVEs
 
On Mon, Jul 04, 2011 at 11:08:06AM +0100, paolo.pisati@canonical.com wrote:
> From: Paolo Pisati <paolo.pisati@canonical.com>
>
> All from maverick/master, proper buglink and kteam acks inside.
>
> Dave Airlie (1):
> drm: fix unsigned vs signed comparison issue in modeset ctl ioctl
> CVE-2011-1013
>
> Oleg Nesterov (1):
> exec: copy-and-paste the fixes into compat_do_execve() paths
> CVE-2010-NNN3

Due to some Security team updates this CVE has merged with
CVE-2010-4243, I have therefore updated the CVE number to match.

> Timo Warns (1):
> fs/partitions: Validate map_count in Mac partition tables
> CVE-2011-1010
>
> Vasiliy Kulikov (1):
> net: don't allow CAP_NET_ADMIN to load non-netdev kernel modules
> CVE-2011-1019

Confirmed that all of the mentioned commits match those in the Maverick
version and look reasonable, therefore:

Acked-by: Andy Whitcroft <apw@canonical.com>

As these are all already acked for that branch I have applied and
pushed them.

-apw


Andy Whitcroft 07-04-2011 04:50 PM

More CVEs
 
On Mon, Jul 04, 2011 at 11:03:30AM +0100, paolo.pisati@canonical.com wrote:
> From: Paolo Pisati <paolo.pisati@canonical.com>
>
> All from lucid/master, proper buglink and kteam acks inside.
>
> Dave Airlie (1):
> drm: fix unsigned vs signed comparison issue in modeset ctl ioctl,
> CVE-2011-1013
>
> Oleg Nesterov (1):
> exec: copy-and-paste the fixes into compat_do_execve() paths -
> CVE-2010-NNN3

Ok this has merged with -4243 and I have updated the attribution to
match.

> Paolo Pisati (1):
> net: Limit socket I/O iovec total length to INT_MAX - CVE-2010-3859

The above seems to already be applied so ignoring.

> Timo Warns (1):
> fs/partitions: Validate map_count in Mac partition tables -
> CVE-2011-1010
>
> drivers/gpu/drm/drm_irq.c | 3 ++-
> fs/compat.c | 28 +++++++++++++++-------------
> fs/exec.c | 8 ++++----
> fs/partitions/mac.c | 17 +++++++++--------
> include/drm/drmP.h | 2 +-
> include/linux/binfmts.h | 4 ++++
> net/compat.c | 10 ++++++----
> net/core/iovec.c | 15 +++++++--------
> 8 files changed, 48 insertions(+), 39 deletions(-)

The three commits remaining seem to match the upstream commit on the
master branch and therefore:

Acked-by: Andy Whitcroft <apw@canonical.com>

As all three of these are identical to and acked for the Lucid master
branch I am comfortable they are good. Therefore applied.

-apw


