Re: Linux 2.4.27-rc5

From: Marcelo Tosatti
Date: Wed Aug 04 2004 - 16:14:19 EST

Next message: Zwane Mwaikambo: "Re: MTRR driver model support broken on SMP."
Previous message: Con Kolivas: "Re: CPU hotplug broken in 2.6.8-rc2 ?"
In reply to: Geert Uytterhoeven: "Re: Linux 2.4.27-rc5"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Aug 04, 2004 at 05:53:39PM +0200, Geert Uytterhoeven wrote:
> On Tue, 3 Aug 2004, Marcelo Tosatti wrote:
> > Most importantly this release fixes an exploitable race in file offset handling
> > which allows unpriviledged users from potentially reading kernel memory.
> > This touches several drivers and generic proc code. This issue is covered by
> > CAN-2004-0415.
> > Marcelo Tosatti:
> > o Al Viro and others: Fix file offset handling races in several drivers
>
> Breaks the build with gcc 2.95. Trivial fix below:
>
> --- linux-2.4.27-rc5/net/atm/br2684.c.orig 2004-08-04 15:33:22.000000000 +0200
> +++ linux-2.4.27-rc5/net/atm/br2684.c 2004-08-04 17:21:16.000000000 +0200
> @@ -736,8 +736,9 @@ static ssize_t br2684_proc_read(struct f
> {
> unsigned long page;
> int len = 0, x, left;
> - page = get_free_page(GFP_KERNEL);
> loff_t n = *pos;
> +
> + page = get_free_page(GFP_KERNEL);
> if (!page)
> return -ENOMEM;
> left = PAGE_SIZE - 256;

Applied, thanks!
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Zwane Mwaikambo: "Re: MTRR driver model support broken on SMP."
Previous message: Con Kolivas: "Re: CPU hotplug broken in 2.6.8-rc2 ?"
In reply to: Geert Uytterhoeven: "Re: Linux 2.4.27-rc5"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]