Author: dannf Date: Mon May 29 07:24:50 2006 New Revision: 6754 Added: dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/222_binfmt-bad-elf-entry-address.diff Modified: dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/series/2.4.27-10sarge3
Log: * 222_binfmt-bad-elf-entry-address.diff [SECURITY][amd64] Fix potential local DoS vulnerability in the binfmt_elf code on em64t processors See CVE-2006-0741 Modified: dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog ============================================================================== --- dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog (original) +++ dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog Mon May 29 07:24:50 2006 @@ -61,8 +61,12 @@ [SECURITY] Fix buffer overflow in netfilter do_replace which can could be triggered by users with CAP_NET_ADMIN rights. See CVE-2006-0038 + * 222_binfmt-bad-elf-entry-address.diff + [SECURITY][amd64] Fix potential local DoS vulnerability in the binfmt_elf + code on em64t processors + See CVE-2006-0741 - -- dann frazier <[EMAIL PROTECTED]> Mon, 29 May 2006 00:57:31 -0600 + -- dann frazier <[EMAIL PROTECTED]> Mon, 29 May 2006 01:21:41 -0600 kernel-source-2.4.27 (2.4.27-10sarge2) stable-security; urgency=high Added: dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/222_binfmt-bad-elf-entry-address.diff ============================================================================== --- (empty file) +++ dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/222_binfmt-bad-elf-entry-address.diff Mon May 29 07:24:50 2006 @@ -0,0 +1,31 @@ +From: Andi Kleen <[EMAIL PROTECTED]> +Date: Wed, 1 Mar 2006 13:39:51 +0000 (+0100) +Subject: [PATCH] x86_64: Check for bad elf entry address. +X-Git-Tag: v2.4.33-pre3 +X-Git-Url: http://www.kernel.org/git/?p=linux/kernel/git/marcelo/linux-2.4.git;a=commitdiff;h=d95fcdf1efc954a93bd01782df4f175e09309803 + +[PATCH] x86_64: Check for bad elf entry address. + +[Actually based on a 2.6 patch by Suresh Siddha, but the 2.4 implementation +is somewhat different] + +Fixes a local DOS on Intel systems that lead to an endless +recursive fault. AMD machines don't seem to be affected. + +Signed-off-by: Andi Kleen <[EMAIL PROTECTED]> +--- + +--- a/fs/binfmt_elf.c ++++ b/fs/binfmt_elf.c +@@ -643,6 +643,11 @@ static int load_elf_binary(struct linux_ + SET_PERSONALITY(elf_ex, ibcs2_interpreter); + } + ++ if (BAD_ADDR(elf_ex.e_entry)) { ++ retval = -ENOEXEC; ++ goto out_free_dentry; ++ } ++ + /* OK, we are done with that, now set up the arg stuff, + and then start this sucker up */ + Modified: dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/series/2.4.27-10sarge3 ============================================================================== --- dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/series/2.4.27-10sarge3 (original) +++ dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/series/2.4.27-10sarge3 Mon May 29 07:24:50 2006 @@ -13,3 +13,4 @@ + 219_sctp-hb-ack-overflow.diff + 220_sctp-param-bound-checks.diff + 221_netfilter-do_replace-overflow.diff ++ 222_binfmt-bad-elf-entry-address.diff _______________________________________________ Kernel-svn-changes mailing list Kernel-svn-changes@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/kernel-svn-changes