summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSona Sarmadi <sona.sarmadi@enea.com>2015-12-30 10:05:07 +0100
committerTudor Florea <tudor.florea@enea.com>2015-12-30 13:00:31 +0100
commit46cbdbcd69c5da4801506a1bb472d683b1163ea9 (patch)
tree6bf84b17eed6d6bc26c6d75f0358df3cfe4d1432
parent172827599cfe85e9df117b794ce5b935303fa96e (diff)
downloadmeta-hierofalcon-46cbdbcd69c5da4801506a1bb472d683b1163ea9.tar.gz
kernel-fs: CVE-2015-5706
Fixes double fput(). References: =========== https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5706 CVE assignment: http://seclists.org/oss-sec/2015/q3/270 Upstream/original fix: ====================== https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/ patch/?id=f15133df088ecadd141ea1907f2c96df67c729f0 Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Tudor Florea <tudor.florea@enea.com>
-rw-r--r--recipes-kernel/linux/linux-hierofalcon-3.19/fs-CVE-2015-5706.patch43
-rw-r--r--recipes-kernel/linux/linux-hierofalcon_3.19.bb1
2 files changed, 44 insertions, 0 deletions
diff --git a/recipes-kernel/linux/linux-hierofalcon-3.19/fs-CVE-2015-5706.patch b/recipes-kernel/linux/linux-hierofalcon-3.19/fs-CVE-2015-5706.patch
new file mode 100644
index 0000000..46aa441
--- /dev/null
+++ b/recipes-kernel/linux/linux-hierofalcon-3.19/fs-CVE-2015-5706.patch
@@ -0,0 +1,43 @@
1From f15133df088ecadd141ea1907f2c96df67c729f0 Mon Sep 17 00:00:00 2001
2From: Al Viro <viro@zeniv.linux.org.uk>
3Date: Fri, 8 May 2015 22:53:15 -0400
4Subject: path_openat(): fix double fput()
5
6path_openat() jumps to the wrong place after do_tmpfile() - it has
7already done path_cleanup() (as part of path_lookupat() called by
8do_tmpfile()), so doing that again can lead to double fput().
9
10Fixes CVE-2015-5706.
11Upstream-Status: Backport
12
13Cc: stable@vger.kernel.org # v3.11+
14Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
15Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
16---
17 fs/namei.c | 3 ++-
18 1 file changed, 2 insertions(+), 1 deletion(-)
19
20diff --git a/fs/namei.c b/fs/namei.c
21index f67cf6c..fe30d3b 100644
22--- a/fs/namei.c
23+++ b/fs/namei.c
24@@ -3233,7 +3233,7 @@ static struct file *path_openat(int dfd, struct filename *pathname,
25
26 if (unlikely(file->f_flags & __O_TMPFILE)) {
27 error = do_tmpfile(dfd, pathname, nd, flags, op, file, &opened);
28- goto out;
29+ goto out2;
30 }
31
32 error = path_init(dfd, pathname, flags, nd);
33@@ -3263,6 +3263,7 @@ static struct file *path_openat(int dfd, struct filename *pathname,
34 }
35 out:
36 path_cleanup(nd);
37+out2:
38 if (!(opened & FILE_OPENED)) {
39 BUG_ON(!error);
40 put_filp(file);
41--
42cgit v0.11.2
43
diff --git a/recipes-kernel/linux/linux-hierofalcon_3.19.bb b/recipes-kernel/linux/linux-hierofalcon_3.19.bb
index ea80e94..5e11c05 100644
--- a/recipes-kernel/linux/linux-hierofalcon_3.19.bb
+++ b/recipes-kernel/linux/linux-hierofalcon_3.19.bb
@@ -22,6 +22,7 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto-3.19;branch="standard/qemuarm6
22 file://fs-CVE-2015-3339.patch \ 22 file://fs-CVE-2015-3339.patch \
23 file://mnt-CVE-2015-4177.patch \ 23 file://mnt-CVE-2015-4177.patch \
24 file://fs_pin-CVE-2015-4178.patch \ 24 file://fs_pin-CVE-2015-4178.patch \
25 file://fs-CVE-2015-5706.patch \
25 " 26 "
26 27
27S = "${WORKDIR}/git" 28S = "${WORKDIR}/git"