diff options
author | Andreas Wellving <andreas.wellving@enea.com> | 2019-05-22 12:59:28 +0200 |
---|---|---|
committer | Adrian Mangeac <Adrian.Mangeac@enea.com> | 2019-05-22 13:24:38 +0200 |
commit | 328313512c5acc9e55eacfe8b7ca214e3c2df2e1 (patch) | |
tree | 2fbb059fee38a77b1850b57946d2a1ed5b450e7d | |
parent | 8380ffa362572e5fa6c29fdcf9127f2bf3f48293 (diff) | |
download | enea-kernel-cache-328313512c5acc9e55eacfe8b7ca214e3c2df2e1.tar.gz |
tty: CVE-2019-11486
tty: mark Siemens R3964 line discipline as BROKEN
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2019-11486
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=linux-4.14.y&id=429977fd9f7153607230a6040ee12510a525e930
Change-Id: Iba01aad6b191590574396a6e06a4e6c554db6274
Signed-off-by: Andreas Wellving <andreas.wellving@enea.com>
-rw-r--r-- | patches/cve/CVE-2019-11486-tty-mark-Siemens-R3964-line-discipline-as-BROKEN.patch | 51 |
1 files changed, 51 insertions, 0 deletions
diff --git a/patches/cve/CVE-2019-11486-tty-mark-Siemens-R3964-line-discipline-as-BROKEN.patch b/patches/cve/CVE-2019-11486-tty-mark-Siemens-R3964-line-discipline-as-BROKEN.patch new file mode 100644 index 0000000..aa00934 --- /dev/null +++ b/patches/cve/CVE-2019-11486-tty-mark-Siemens-R3964-line-discipline-as-BROKEN.patch | |||
@@ -0,0 +1,51 @@ | |||
1 | From 429977fd9f7153607230a6040ee12510a525e930 Mon Sep 17 00:00:00 2001 | ||
2 | From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> | ||
3 | Date: Fri, 5 Apr 2019 15:39:26 +0200 | ||
4 | Subject: [PATCH] tty: mark Siemens R3964 line discipline as BROKEN | ||
5 | |||
6 | commit c7084edc3f6d67750f50d4183134c4fb5712a5c8 upstream. | ||
7 | |||
8 | The n_r3964 line discipline driver was written in a different time, when | ||
9 | SMP machines were rare, and users were trusted to do the right thing. | ||
10 | Since then, the world has moved on but not this code, it has stayed | ||
11 | rooted in the past with its lovely hand-crafted list structures and | ||
12 | loads of "interesting" race conditions all over the place. | ||
13 | |||
14 | After attempting to clean up most of the issues, I just gave up and am | ||
15 | now marking the driver as BROKEN so that hopefully someone who has this | ||
16 | hardware will show up out of the woodwork (I know you are out there!) | ||
17 | and will help with debugging a raft of changes that I had laying around | ||
18 | for the code, but was too afraid to commit as odds are they would break | ||
19 | things. | ||
20 | |||
21 | Many thanks to Jann and Linus for pointing out the initial problems in | ||
22 | this codebase, as well as many reviews of my attempts to fix the issues. | ||
23 | It was a case of whack-a-mole, and as you can see, the mole won. | ||
24 | |||
25 | CVE: CVE-2019-11486 | ||
26 | Upstream-Status: Backport [https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=linux-4.14.y&id=429977fd9f7153607230a6040ee12510a525e930] | ||
27 | |||
28 | Reported-by: Jann Horn <jannh@google.com> | ||
29 | Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> | ||
30 | Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> | ||
31 | Signed-off-by: Andreas Wellving <andreas.wellving@enea.com> | ||
32 | --- | ||
33 | drivers/char/Kconfig | 2 +- | ||
34 | 1 file changed, 1 insertion(+), 1 deletion(-) | ||
35 | |||
36 | diff --git a/drivers/char/Kconfig b/drivers/char/Kconfig | ||
37 | index c28dca0c613d..88316f86cc95 100644 | ||
38 | --- a/drivers/char/Kconfig | ||
39 | +++ b/drivers/char/Kconfig | ||
40 | @@ -380,7 +380,7 @@ config XILINX_HWICAP | ||
41 | |||
42 | config R3964 | ||
43 | tristate "Siemens R3964 line discipline" | ||
44 | - depends on TTY | ||
45 | + depends on TTY && BROKEN | ||
46 | ---help--- | ||
47 | This driver allows synchronous communication with devices using the | ||
48 | Siemens R3964 packet protocol. Unless you are dealing with special | ||
49 | -- | ||
50 | 2.20.1 | ||
51 | |||