diff options
| author | Andreas Wellving <andreas.wellving@enea.com> | 2019-05-22 12:59:28 +0200 |
|---|---|---|
| committer | Adrian Mangeac <Adrian.Mangeac@enea.com> | 2019-05-22 13:24:38 +0200 |
| commit | 328313512c5acc9e55eacfe8b7ca214e3c2df2e1 (patch) | |
| tree | 2fbb059fee38a77b1850b57946d2a1ed5b450e7d | |
| parent | 8380ffa362572e5fa6c29fdcf9127f2bf3f48293 (diff) | |
| download | enea-kernel-cache-328313512c5acc9e55eacfe8b7ca214e3c2df2e1.tar.gz | |
tty: CVE-2019-11486
tty: mark Siemens R3964 line discipline as BROKEN
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2019-11486
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=linux-4.14.y&id=429977fd9f7153607230a6040ee12510a525e930
Change-Id: Iba01aad6b191590574396a6e06a4e6c554db6274
Signed-off-by: Andreas Wellving <andreas.wellving@enea.com>
| -rw-r--r-- | patches/cve/CVE-2019-11486-tty-mark-Siemens-R3964-line-discipline-as-BROKEN.patch | 51 |
1 files changed, 51 insertions, 0 deletions
diff --git a/patches/cve/CVE-2019-11486-tty-mark-Siemens-R3964-line-discipline-as-BROKEN.patch b/patches/cve/CVE-2019-11486-tty-mark-Siemens-R3964-line-discipline-as-BROKEN.patch new file mode 100644 index 0000000..aa00934 --- /dev/null +++ b/patches/cve/CVE-2019-11486-tty-mark-Siemens-R3964-line-discipline-as-BROKEN.patch | |||
| @@ -0,0 +1,51 @@ | |||
| 1 | From 429977fd9f7153607230a6040ee12510a525e930 Mon Sep 17 00:00:00 2001 | ||
| 2 | From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> | ||
| 3 | Date: Fri, 5 Apr 2019 15:39:26 +0200 | ||
| 4 | Subject: [PATCH] tty: mark Siemens R3964 line discipline as BROKEN | ||
| 5 | |||
| 6 | commit c7084edc3f6d67750f50d4183134c4fb5712a5c8 upstream. | ||
| 7 | |||
| 8 | The n_r3964 line discipline driver was written in a different time, when | ||
| 9 | SMP machines were rare, and users were trusted to do the right thing. | ||
| 10 | Since then, the world has moved on but not this code, it has stayed | ||
| 11 | rooted in the past with its lovely hand-crafted list structures and | ||
| 12 | loads of "interesting" race conditions all over the place. | ||
| 13 | |||
| 14 | After attempting to clean up most of the issues, I just gave up and am | ||
| 15 | now marking the driver as BROKEN so that hopefully someone who has this | ||
| 16 | hardware will show up out of the woodwork (I know you are out there!) | ||
| 17 | and will help with debugging a raft of changes that I had laying around | ||
| 18 | for the code, but was too afraid to commit as odds are they would break | ||
| 19 | things. | ||
| 20 | |||
| 21 | Many thanks to Jann and Linus for pointing out the initial problems in | ||
| 22 | this codebase, as well as many reviews of my attempts to fix the issues. | ||
| 23 | It was a case of whack-a-mole, and as you can see, the mole won. | ||
| 24 | |||
| 25 | CVE: CVE-2019-11486 | ||
| 26 | Upstream-Status: Backport [https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=linux-4.14.y&id=429977fd9f7153607230a6040ee12510a525e930] | ||
| 27 | |||
| 28 | Reported-by: Jann Horn <jannh@google.com> | ||
| 29 | Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> | ||
| 30 | Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> | ||
| 31 | Signed-off-by: Andreas Wellving <andreas.wellving@enea.com> | ||
| 32 | --- | ||
| 33 | drivers/char/Kconfig | 2 +- | ||
| 34 | 1 file changed, 1 insertion(+), 1 deletion(-) | ||
| 35 | |||
| 36 | diff --git a/drivers/char/Kconfig b/drivers/char/Kconfig | ||
| 37 | index c28dca0c613d..88316f86cc95 100644 | ||
| 38 | --- a/drivers/char/Kconfig | ||
| 39 | +++ b/drivers/char/Kconfig | ||
| 40 | @@ -380,7 +380,7 @@ config XILINX_HWICAP | ||
| 41 | |||
| 42 | config R3964 | ||
| 43 | tristate "Siemens R3964 line discipline" | ||
| 44 | - depends on TTY | ||
| 45 | + depends on TTY && BROKEN | ||
| 46 | ---help--- | ||
| 47 | This driver allows synchronous communication with devices using the | ||
| 48 | Siemens R3964 packet protocol. Unless you are dealing with special | ||
| 49 | -- | ||
| 50 | 2.20.1 | ||
| 51 | |||