Author: dannf
Date: Wed Aug 16 20:02:57 2006
New Revision: 7170
Added:
dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/direct-io-write-mem-leak.dpatch
Modified:
dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog
dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/series/2.6.8-16sarge5
Log:
[SECURITY] James McKenzie discovered a Denial of Service vulnerability
* direct-io-write-mem-leak.dpatch
[SECURITY] Fix memory leak in O_DIRECT write.
See CVE-2004-2660
Modified:
dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog
==============================================================================
---
dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog
(original)
+++
dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog
Wed Aug 16 20:02:57 2006
@@ -1,13 +1,16 @@
kernel-source-2.6.8 (2.6.8-16sarge5) UNRELEASED; urgency=high
* fs-ext3-bad-nfs-handle.dpatch
- [SECURITY] James McKenzie discovered a Denial of Service vulnerability
+ [SECURITY] James McKenzie discovered a Denial of Service vulnerability
in the NFS driver. When exporting an ext3 file system over NFS, a remote
attacker could exploit this to trigger a file system panic by sending
a specially crafted UDP packet.
See CVE-2006-3468
+ * direct-io-write-mem-leak.dpatch
+ [SECURITY] Fix memory leak in O_DIRECT write.
+ See CVE-2004-2660
- -- dann frazier <[EMAIL PROTECTED]> Sun, 13 Aug 2006 21:15:35 -0600
+ -- dann frazier <[EMAIL PROTECTED]> Wed, 16 Aug 2006 14:00:11 -0600
kernel-source-2.6.8 (2.6.8-16sarge4) stable-security; urgency=high
Added:
dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/direct-io-write-mem-leak.dpatch
==============================================================================
--- (empty file)
+++
dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/direct-io-write-mem-leak.dpatch
Wed Aug 16 20:02:57 2006
@@ -0,0 +1,30 @@
+diff -Naru a/fs/direct-io.c b/fs/direct-io.c
+--- a/fs/direct-io.c 2006-08-16 20:58:21 -07:00
++++ b/fs/direct-io.c 2006-08-16 20:58:21 -07:00
+@@ -844,8 +844,10 @@
+ char *kaddr;
+
+ /* AKPM: eargh, -ENOTBLK is a hack */
+- if (dio->rw == WRITE)
++ if (dio->rw == WRITE) {
++ page_cache_release(page);
+ return -ENOTBLK;
++ }
+
+ if (dio->block_in_file >=
+ i_size_read(dio->inode)>>blkbits) {
+# This is a BitKeeper generated diff -Nru style patch.
+#
+# ChangeSet
+# 2004/10/29 13:20:35-07:00 [EMAIL PROTECTED]
+# [PATCH] direct IO write memory leak fix
+#
+# It seems that O_DIRECT write sometimes leaks memory.
+#
+# Signed-off-by: Andrew Morton <[EMAIL PROTECTED]>
+# Signed-off-by: Linus Torvalds <[EMAIL PROTECTED]>
+#
+# fs/direct-io.c
+# 2004/10/29 01:13:37-07:00 [EMAIL PROTECTED] +3 -1
+# direct IO write memory leak fix
+#
Modified:
dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/series/2.6.8-16sarge5
==============================================================================
---
dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/series/2.6.8-16sarge5
(original)
+++
dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/series/2.6.8-16sarge5
Wed Aug 16 20:02:57 2006
@@ -1 +1,2 @@
+ fs-ext3-bad-nfs-handle.dpatch
++ direct-io-write-mem-leak.dpatch
_______________________________________________
Kernel-svn-changes mailing list
[email protected]
http://lists.alioth.debian.org/mailman/listinfo/kernel-svn-changes
