[CVE-2010-4158]
Ben Hutchings
ben at decadent.org.uk
Fri Feb 18 21:59:30 UTC 2011
On Fri, 2011-02-18 at 11:18 -0700, Tim Gardner wrote:
> On 02/18/2011 09:41 AM, Stefan Bader wrote:
> > https://bugs.launchpad.net/ubuntu/dapper/+source/linux/+bug/721282
> >
> > The sk_run_filter function in net/core/filter.c in the Linux kernel before
> > 2.6.36.2 does not check whether a certain memory location has been
> > initialized before executing a (1) BPF_S_LD_MEM or (2) BPF_S_LDX_MEM
> > instruction, which allows local users to obtain potentially sensitive
> > information from kernel stack memory via a crafted socket filter.
> >
> > Changes are already released in Natty and Maverick. For Lucid, Karmic,
> > Hardy the backport just works around different environmental lines of
> > code. Same for Dapper, just different lines.
> >
> > -Stefan
> >
> >
>
> I'm surprised nobody complained about this patch when it first went
> upstream.
I did, but for whatever reason David didn't want to split it up.
Ben.
> The substitution of f_k for fentry->k completely obscures the
> original intent of the patch. Despite that, ACK for all releases.
>
> Acked-by: Tim Gardner <tim.gardner at canonical.com>
>
> --
> Tim Gardner tim.gardner at canonical.com
>
--
Ben Hutchings
Once a job is fouled up, anything done to improve it makes it worse.
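
The check that the CVE description above says was missing, as an added example that is not part of the original thread and is not the kernel patch under review. It is a toy interpreter that tracks written scratch slots in a bitmap and rejects a load from a slot the filter never stored; the opcodes, `run_filter` and the sample programs are hypothetical names constructed for this illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

#define MEMWORDS 16                             /* scratch slots per filter run */
enum { OP_LD_IMM, OP_ST, OP_LD_MEM, OP_RET_A }; /* toy opcodes (hypothetical) */
struct insn { uint16_t code; uint32_t k; };

/* Run a toy filter. Returns the accumulator at OP_RET_A, or 0 (drop) when
 * the program is malformed or loads a scratch slot it never stored. */
uint32_t run_filter(const struct insn *prog, size_t len)
{
    uint32_t mem[MEMWORDS];      /* on the stack, deliberately not zeroed */
    unsigned long mem_valid = 0; /* bit i set => mem[i] was written */
    uint32_t A = 0;

    for (size_t pc = 0; pc < len; pc++) {
        uint32_t k = prog[pc].k;
        switch (prog[pc].code) {
        case OP_LD_IMM: A = k; break;
        case OP_ST:
            if (k >= MEMWORDS)
                return 0;
            mem[k] = A;
            mem_valid |= 1UL << k;
            break;
        case OP_LD_MEM:
            /* Refuse to hand stale stack contents to the filter. */
            if (k >= MEMWORDS || !(mem_valid & (1UL << k)))
                return 0;
            A = mem[k];
            break;
        case OP_RET_A: return A;
        default: return 0;
        }
    }
    return 0;                    /* fell off the end without returning */
}

/* Constructed sample programs. */
static const struct insn store_then_load[] = {
    { OP_LD_IMM, 42 }, { OP_ST, 3 }, { OP_LD_IMM, 0 }, { OP_LD_MEM, 3 }, { OP_RET_A, 0 } };
static const struct insn load_without_store[] = { { OP_LD_MEM, 3 }, { OP_RET_A, 0 } };
static const struct insn load_other_slot[] = {
    { OP_LD_IMM, 7 }, { OP_ST, 2 }, { OP_LD_MEM, 3 }, { OP_RET_A, 0 } };

int main(void)
{
    printf("%u %u %u\n", run_filter(store_then_load, 5),
           run_filter(load_without_store, 2), run_filter(load_other_slot, 4));
    return 0;
}
```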