From: Nicolas Thill Date: Fri, 10 Apr 2009 12:07:13 +0000 (+0000) Subject: [CVE-2009-0676] fix Linux kernel memory disclosure in sock_getsockopt (closes: #4914) X-Git-Url: http://git.openwrt.org/?p=openwrt%2Fsvn-archive%2Farchive.git;a=commitdiff_plain;hb=479a1906ae970f0d4f2349087e5fdd358acd3b7f [CVE-2009-0676] fix Linux kernel memory disclosure in sock_getsockopt (closes: #4914) SVN-Revision: 15192 --- diff --git a/target/linux/generic-2.6/patches-2.6.24/993-cve-2009-0676.patch b/target/linux/generic-2.6/patches-2.6.24/993-cve-2009-0676.patch new file mode 100644 index 0000000000..73f7aad638 --- /dev/null +++ b/target/linux/generic-2.6/patches-2.6.24/993-cve-2009-0676.patch @@ -0,0 +1,13 @@ +http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0676 + +--- a/net/core/sock.c ++++ b/net/core/sock.c +@@ -691,6 +691,8 @@ int sock_getsockopt(struct socket *sock, + if (len < 0) + return -EINVAL; + ++ v.val = 0; ++ + switch(optname) { + case SO_DEBUG: + v.val = sock_flag(sk, SOCK_DBG); diff --git a/target/linux/generic-2.6/patches-2.6.25/993-cve-2009-0676.patch b/target/linux/generic-2.6/patches-2.6.25/993-cve-2009-0676.patch new file mode 100644 index 0000000000..c91a0398bd --- /dev/null +++ b/target/linux/generic-2.6/patches-2.6.25/993-cve-2009-0676.patch @@ -0,0 +1,13 @@ +http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0676 + +--- a/net/core/sock.c ++++ b/net/core/sock.c +@@ -705,6 +705,8 @@ int sock_getsockopt(struct socket *sock, + if (len < 0) + return -EINVAL; + ++ v.val = 0; ++ + switch(optname) { + case SO_DEBUG: + v.val = sock_flag(sk, SOCK_DBG); diff --git a/target/linux/generic-2.6/patches-2.6.26/993-cve-2009-0676.patch b/target/linux/generic-2.6/patches-2.6.26/993-cve-2009-0676.patch new file mode 100644 index 0000000000..70ce86d32c --- /dev/null +++ b/target/linux/generic-2.6/patches-2.6.26/993-cve-2009-0676.patch @@ -0,0 +1,13 @@ +http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0676 + +--- a/net/core/sock.c ++++ b/net/core/sock.c +@@ -697,6 +697,8 @@ int sock_getsockopt(struct socket *sock, + if (len < 0) + return -EINVAL; + ++ v.val = 0; ++ + switch(optname) { + case SO_DEBUG: + v.val = sock_flag(sk, SOCK_DBG);