summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAdrian Stratulat <adrian.stratulat@enea.com>2019-05-28 11:42:57 +0200
committerAdrian Stratulat <adrian.stratulat@enea.com>2019-05-28 12:57:19 +0200
commit3a9faa96f54caf89b01d0f6005988cc1d444942e (patch)
tree5564d4df592bd410503bf816c9b4df0a89eea020
parent8c226b6462bfbecd88caa83bf13cef888584628a (diff)
downloadenea-kernel-cache-qoriq-4.14.tar.gz
linux-qoriq: CVE-2019-11486qoriq-4.14
References: https://nvd.nist.gov/vuln/detail/CVE-2019-11486 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c7084edc3f6d67750f50d4183134c4fb5712a5c8 Change-Id: I4ea456e157061b61842abbf1a936542bab54092d Signed-off-by: Adrian Stratulat <adrian.stratulat@enea.com>
-rw-r--r--patches/cve/4.14.x.scc2
-rw-r--r--patches/cve/CVE-2019-11486.patch48
2 files changed, 50 insertions, 0 deletions
diff --git a/patches/cve/4.14.x.scc b/patches/cve/4.14.x.scc
index 8280a4c..99720ca 100644
--- a/patches/cve/4.14.x.scc
+++ b/patches/cve/4.14.x.scc
@@ -1,3 +1,5 @@
1patch CVE-2019-8980.patch 1patch CVE-2019-8980.patch
2 2
3patch CVE-2019-9213.patch 3patch CVE-2019-9213.patch
4
5patch CVE-2019-11486.patch
diff --git a/patches/cve/CVE-2019-11486.patch b/patches/cve/CVE-2019-11486.patch
new file mode 100644
index 0000000..8157eee
--- /dev/null
+++ b/patches/cve/CVE-2019-11486.patch
@@ -0,0 +1,48 @@
1From c7084edc3f6d67750f50d4183134c4fb5712a5c8 Mon Sep 17 00:00:00 2001
2From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
3Date: Fri, 5 Apr 2019 15:39:26 +0200
4Subject: tty: mark Siemens R3964 line discipline as BROKEN
5
6The n_r3964 line discipline driver was written in a different time, when
7SMP machines were rare, and users were trusted to do the right thing.
8Since then, the world has moved on but not this code, it has stayed
9rooted in the past with its lovely hand-crafted list structures and
10loads of "interesting" race conditions all over the place.
11
12After attempting to clean up most of the issues, I just gave up and am
13now marking the driver as BROKEN so that hopefully someone who has this
14hardware will show up out of the woodwork (I know you are out there!)
15and will help with debugging a raft of changes that I had laying around
16for the code, but was too afraid to commit as odds are they would break
17things.
18
19Many thanks to Jann and Linus for pointing out the initial problems in
20this codebase, as well as many reviews of my attempts to fix the issues.
21It was a case of whack-a-mole, and as you can see, the mole won.
22
23Reported-by: Jann Horn <jannh@google.com>
24Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
25Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
26Signed-off-by: Adrian Stratulat <adrian.stratulat@enea.com>
27Upstream-Status: Backport [https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c7084edc3f6d67750f50d4183134c4fb5712a5c8]
28CVE: CVE-2019-11486
29---
30 drivers/char/Kconfig | 2 +-
31 1 file changed, 1 insertion(+), 1 deletion(-)
32
33diff --git a/drivers/char/Kconfig b/drivers/char/Kconfig
34index 72866a004f07..466ebd84ad17 100644
35--- a/drivers/char/Kconfig
36+++ b/drivers/char/Kconfig
37@@ -348,7 +348,7 @@ config XILINX_HWICAP
38
39 config R3964
40 tristate "Siemens R3964 line discipline"
41- depends on TTY
42+ depends on TTY && BROKEN
43 ---help---
44 This driver allows synchronous communication with devices using the
45 Siemens R3964 packet protocol. Unless you are dealing with special
46--
47cgit 1.2-0.3.lf.el7
48