From 479a1906ae970f0d4f2349087e5fdd358acd3b7f Mon Sep 17 00:00:00 2001
From: Nicolas Thill <nico@openwrt.org>
Date: Fri, 10 Apr 2009 12:07:13 +0000
Subject: [PATCH] [CVE-2009-0676] fix Linux kernel memory disclosure in
 sock_getsockopt (closes: #4914)

SVN-Revision: 15192
---
 .../patches-2.6.24/993-cve-2009-0676.patch          | 13 +++++++++++++
 .../patches-2.6.25/993-cve-2009-0676.patch          | 13 +++++++++++++
 .../patches-2.6.26/993-cve-2009-0676.patch          | 13 +++++++++++++
 3 files changed, 39 insertions(+)
 create mode 100644 target/linux/generic-2.6/patches-2.6.24/993-cve-2009-0676.patch
 create mode 100644 target/linux/generic-2.6/patches-2.6.25/993-cve-2009-0676.patch
 create mode 100644 target/linux/generic-2.6/patches-2.6.26/993-cve-2009-0676.patch

diff --git a/target/linux/generic-2.6/patches-2.6.24/993-cve-2009-0676.patch b/target/linux/generic-2.6/patches-2.6.24/993-cve-2009-0676.patch
new file mode 100644
index 0000000000..73f7aad638
--- /dev/null
+++ b/target/linux/generic-2.6/patches-2.6.24/993-cve-2009-0676.patch
@@ -0,0 +1,13 @@
+http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0676
+
+--- a/net/core/sock.c
++++ b/net/core/sock.c
+@@ -691,6 +691,8 @@ int sock_getsockopt(struct socket *sock,
+ 	if (len < 0)
+ 		return -EINVAL;
+ 
++	v.val = 0;
++
+ 	switch(optname) {
+ 	case SO_DEBUG:
+ 		v.val = sock_flag(sk, SOCK_DBG);
diff --git a/target/linux/generic-2.6/patches-2.6.25/993-cve-2009-0676.patch b/target/linux/generic-2.6/patches-2.6.25/993-cve-2009-0676.patch
new file mode 100644
index 0000000000..c91a0398bd
--- /dev/null
+++ b/target/linux/generic-2.6/patches-2.6.25/993-cve-2009-0676.patch
@@ -0,0 +1,13 @@
+http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0676
+
+--- a/net/core/sock.c
++++ b/net/core/sock.c
+@@ -705,6 +705,8 @@ int sock_getsockopt(struct socket *sock,
+ 	if (len < 0)
+ 		return -EINVAL;
+ 
++	v.val = 0;
++
+ 	switch(optname) {
+ 	case SO_DEBUG:
+ 		v.val = sock_flag(sk, SOCK_DBG);
diff --git a/target/linux/generic-2.6/patches-2.6.26/993-cve-2009-0676.patch b/target/linux/generic-2.6/patches-2.6.26/993-cve-2009-0676.patch
new file mode 100644
index 0000000000..70ce86d32c
--- /dev/null
+++ b/target/linux/generic-2.6/patches-2.6.26/993-cve-2009-0676.patch
@@ -0,0 +1,13 @@
+http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0676
+
+--- a/net/core/sock.c
++++ b/net/core/sock.c
+@@ -697,6 +697,8 @@ int sock_getsockopt(struct socket *sock,
+ 	if (len < 0)
+ 		return -EINVAL;
+ 
++	v.val = 0;
++
+ 	switch(optname) {
+ 	case SO_DEBUG:
+ 		v.val = sock_flag(sk, SOCK_DBG);
-- 
2.30.2