Fwd: Linux Broadcom 5820 Cryptonet Driver Integer Overflow
Jon Peatfield
J.S.Peatfield at damtp.cam.ac.uk
Fri Jul 2 14:00:23 UTC 2004
Ignore that I found a mirror, the patch is indeed tiny. Anyone care
to comment on a proposed set of changes to 2.4.20-35.x.legacy?
diff -urwN ../rpmbuild.jp107/SOURCES/linux-2.4.18-missing-license-tags.patch ./SOURCES/linux-2.4.18-missing-license-tags.patch
--- ../rpmbuild.jp107/SOURCES/linux-2.4.18-missing-license-tags.patch 2003-12-09 22:31:06.000000000 +0000
+++ ./SOURCES/linux-2.4.18-missing-license-tags.patch 2004-07-02 14:50:38.000000000 +0100
@@ -21,15 +21,15 @@
static char *driver_name = "SyncLink PC Card driver";
static char *driver_version = "$Revision: 3.4 $";
-diff -urNp linux-10020/drivers/crypto/bcm/dispatch.c linux-10030/drivers/crypto/bcm/dispatch.c
---- linux-10020/drivers/crypto/bcm/dispatch.c
-+++ linux-10030/drivers/crypto/bcm/dispatch.c
-@@ -562,3 +562,5 @@ extern void Linux_FreeDMAMemory(void *
-
- return;
- }
-+
-+MODULE_LICENSE("GPL");
+#diff -urNp linux-10020/drivers/crypto/bcm/dispatch.c linux-10030/drivers/crypto/bcm/dispatch.c
+#--- linux-10020/drivers/crypto/bcm/dispatch.c
+#+++ linux-10030/drivers/crypto/bcm/dispatch.c
+#@@ -562,3 +562,5 @@ extern void Linux_FreeDMAMemory(void *
+#
+# return;
+# }
+#+
+#+MODULE_LICENSE("GPL");
diff -urNp linux-10020/drivers/net/hamradio/soundmodem/sm.c linux-10030/drivers/net/hamradio/soundmodem/sm.c
--- linux-10020/drivers/net/hamradio/soundmodem/sm.c 2001-04-18 23:40:05.000000000 +0200
+++ linux-10030/drivers/net/hamradio/soundmodem/sm.c
diff -urwN ../rpmbuild.jp107/SOURCES/linux-2.4.27pre-nfs-fchown.patch ./SOURCES/linux-2.4.27pre-nfs-fchown.patch
--- ../rpmbuild.jp107/SOURCES/linux-2.4.27pre-nfs-fchown.patch 1970-01-01 01:00:00.000000000 +0100
+++ ./SOURCES/linux-2.4.27pre-nfs-fchown.patch 2004-07-02 14:44:46.000000000 +0100
@@ -0,0 +1,12 @@
+--- linux-2.4.22/fs/attr.c~ 2004-07-01 17:24:21.707391872 +0100
++++ linux-2.4.22/fs/attr.c 2004-07-01 17:24:40.733499464 +0100
+@@ -33,7 +33,8 @@
+
+ /* Make sure caller can chgrp. */
+ if ((ia_valid & ATTR_GID) &&
+- (!in_group_p(attr->ia_gid) && attr->ia_gid != inode->i_gid) &&
++ (current->fsuid != inode->i_uid ||
++ (!in_group_p(attr->ia_gid) && attr->ia_gid != inode->i_gid)) &&
+ !capable(CAP_CHOWN))
+ goto error;
+
diff -urwN ../rpmbuild.jp107/SPECS/kernel-2.4.spec ./SPECS/kernel-2.4.spec
--- ../rpmbuild.jp107/SPECS/kernel-2.4.spec 2004-06-23 16:00:44.000000000 +0100
+++ ./SPECS/kernel-2.4.spec 2004-07-02 14:48:34.000000000 +0100
@@ -21,7 +21,7 @@
# that the kernel isn't the stock RHL kernel, for example by
# adding some text to the end of the version number.
#
-%define release 35.9.legacy
+%define release 36.9.legacy
%define sublevel 20
%define kversion 2.4.%{sublevel}
# /usr/src/%{kslnk} -> /usr/src/linux-%{KVERREL}
@@ -292,6 +292,7 @@
Patch970: linux-2.4.25pre-selected-patches.legacy.patch
Patch980: linux-2.4.26pre-selected-patches.legacy.patch
Patch990: linux-2.4.27pre-fix-x86-clear_fpu-macro.patch
+Patch991: linux-2.4.27pre-nfs-fchown.patch
#
# Patches 1000 to 5000 are reserved for bugfixes to drivers and filesystems
@@ -760,6 +761,9 @@
# Local DoS fix in clear_fpu macro
%patch990 -p1
+# Fix NFS fchown bug
+%patch991 -p1
+
#
# Patches 1000 to 5000 are reserved for bugfixes to drivers and filesystems
#
@@ -1129,12 +1133,14 @@
%patch5030 -p1
# ECC reporting module
%patch5050 -p1
-# Broadcom 5820 driver
-%patch5090 -p1
-%patch5091 -p1
-%patch5092 -p1
-%patch5093 -p1
-%patch5094 -p1
+# Disable Broadcom driver at least until there is a proper fix
+## Broadcom 5820 driver
+#%patch5090 -p1
+#%patch5091 -p1
+#%patch5092 -p1
+#%patch5093 -p1
+#%patch5094 -p1
+
# iSCSI driver, and fix
%patch5120 -p1
@@ -1948,6 +1954,10 @@
#
%changelog
+* Thu Jul 1 2004 Dave Jones <davej at redhat.com>
+- add patch to fix missing checks in fchown() (CAN-2004-0497)
+- Drop Broadcom 5820 driver due to code quality concerns.
+
* Fri Jun 18 2004 Dominic Hargreaves <dom at earth.li>
- Fix memory leak in kernel/fork.c. (CAN-2004-0427)
- Numerous userspace pointer reference bugs found with the sparse
I'll build this up shortly and let people know what I get...
-- Jon
More information about the fedora-legacy-list
mailing list