kernel-net-ppp: CVE-2015-8569

Fixes an information leak from getsockname. References: =========== https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8569 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-8569 Reference to the upstream fixes: =============================== https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/ patch/?id=f167b6f4244fbc8d05fcc385b1bf8e70729c9e7c Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Tudor Florea <tudor.florea@enea.com>
author: Sona Sarmadi <sona.sarmadi@enea.com> 2016-06-01 08:27:18 +0200
committer: Tudor Florea <tudor.florea@enea.com> 2016-06-01 09:08:39 +0200
commit: cb7889476c50f4223fc761c08f6953ce7a05e537 (patch)
tree: 2a7b868a0d92d53ea47282d5b29f43f0a56b84e7 /recipes-kernel/linux
parent: f843c4d152d2819b4df601a19e71f15099efecc4 (diff)
download: meta-hierofalcon-cb7889476c50f4223fc761c08f6953ce7a05e537.tar.gz
3 files changed, 48 insertions, 0 deletions
diff --git a/recipes-kernel/linux/linux-hierofalcon/net-ppp-CVE-2015-8569.patch b/recipes-kernel/linux/linux-hierofalcon/net-ppp-CVE-2015-8569.patch
new file mode 100644
index 0000000..0efaa09
--- /dev/null
+++ b/recipes-kernel/linux/linux-hierofalcon/net-ppp-CVE-2015-8569.patch
@@ -0,0 +1,46 @@
+From f167b6f4244fbc8d05fcc385b1bf8e70729c9e7c Mon Sep 17 00:00:00 2001
+From: WANG Cong <xiyou.wangcong@gmail.com>
+Date: Mon, 14 Dec 2015 13:48:36 -0800
+Subject: pptp: verify sockaddr_len in pptp_bind() and pptp_connect()
+[ Upstream commit 09ccfd238e5a0e670d8178cf50180ea81ae09ae1 ]
+CVE: CVE-2015-8569
+Upstream-Status: Backport
+Reported-by: Dmitry Vyukov <dvyukov@gmail.com>
+Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com>
+Signed-off-by: David S. Miller <davem@davemloft.net>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
+---
+ drivers/net/ppp/pptp.c | 6 ++++++
+ 1 file changed, 6 insertions(+)
+diff --git a/drivers/net/ppp/pptp.c b/drivers/net/ppp/pptp.c
+index e3bfbd4d..0bacabf 100644
+--- a/drivers/net/ppp/pptp.c
+++ b/drivers/net/ppp/pptp.c
+@@ -420,6 +420,9 @@ static int pptp_bind(struct socket *sock, struct sockaddr *uservaddr,
+        struct pptp_opt *opt = &po->proto.pptp;
+        int error = 0;
+ 
+       if (sockaddr_len < sizeof(struct sockaddr_pppox))
+               return -EINVAL;
+
+        lock_sock(sk);
+ 
+        opt->src_addr = sp->sa_addr.pptp;
+@@ -441,6 +444,9 @@ static int pptp_connect(struct socket *sock, struct sockaddr *uservaddr,
+        struct flowi4 fl4;
+        int error = 0;
+ 
+       if (sockaddr_len < sizeof(struct sockaddr_pppox))
+               return -EINVAL;
+
+        if (sp->sa_protocol != PX_PROTO_PPTP)
+                return -EINVAL;
+ 
+-- 
+cgit v0.12
diff --git a/recipes-kernel/linux/linux-hierofalcon_3.19.bb b/recipes-kernel/linux/linux-hierofalcon_3.19.bb
index 5419b62..5c24d8e 100644
--- a/recipes-kernel/linux/linux-hierofalcon_3.19.bb
+++ b/recipes-kernel/linux/linux-hierofalcon_3.19.bb
@@ -37,6 +37,7 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto-3.19;branch="standard/qemuarm6
           file://ALSA-CVE-2016-2546.patch \
           file://Btrfs-CVE-2015-8374.patch \
           file://ALSA-CVE-2016-2384.patch \
+           file://net-ppp-CVE-2015-8569.patch \
           "
 S = "${WORKDIR}/git"
diff --git a/recipes-kernel/linux/linux-hierofalcon_4.1.bb b/recipes-kernel/linux/linux-hierofalcon_4.1.bb
index 39c40dd..9a0f2d7 100644
--- a/recipes-kernel/linux/linux-hierofalcon_4.1.bb
+++ b/recipes-kernel/linux/linux-hierofalcon_4.1.bb
@@ -38,6 +38,7 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto-4.1;branch="standard/qemuarm64
           file://ALSA-CVE-2016-2546.patch \
           file://Btrfs-CVE-2015-8374.patch \
           file://ALSA-CVE-2016-2384.patch \
+           file://net-ppp-CVE-2015-8569.patch \
           "
 S = "${WORKDIR}/git"
author	Sona Sarmadi <sona.sarmadi@enea.com>	2016-06-01 08:27:18 +0200
committer	Tudor Florea <tudor.florea@enea.com>	2016-06-01 09:08:39 +0200
commit	cb7889476c50f4223fc761c08f6953ce7a05e537 (patch)
tree	2a7b868a0d92d53ea47282d5b29f43f0a56b84e7 /recipes-kernel/linux
parent	f843c4d152d2819b4df601a19e71f15099efecc4 (diff)
download	meta-hierofalcon-cb7889476c50f4223fc761c08f6953ce7a05e537.tar.gz

diff --git a/recipes-kernel/linux/linux-hierofalcon/net-ppp-CVE-2015-8569.patch b/recipes-kernel/linux/linux-hierofalcon/net-ppp-CVE-2015-8569.patch new file mode 100644 index 0000000..0efaa09 --- /dev/null +++ b/recipes-kernel/linux/linux-hierofalcon/net-ppp-CVE-2015-8569.patch
@@ -0,0 +1,46 @@
		1	From f167b6f4244fbc8d05fcc385b1bf8e70729c9e7c Mon Sep 17 00:00:00 2001
		2	From: WANG Cong <xiyou.wangcong@gmail.com>
		3	Date: Mon, 14 Dec 2015 13:48:36 -0800
		4	Subject: pptp: verify sockaddr_len in pptp_bind() and pptp_connect()
		5
		6	[ Upstream commit 09ccfd238e5a0e670d8178cf50180ea81ae09ae1 ]
		7
		8	CVE: CVE-2015-8569
		9	Upstream-Status: Backport
		10
		11	Reported-by: Dmitry Vyukov <dvyukov@gmail.com>
		12	Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com>
		13	Signed-off-by: David S. Miller <davem@davemloft.net>
		14	Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
		15	Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
		16	---
		17	drivers/net/ppp/pptp.c \| 6 ++++++
		18	1 file changed, 6 insertions(+)
		19
		20	diff --git a/drivers/net/ppp/pptp.c b/drivers/net/ppp/pptp.c
		21	index e3bfbd4d..0bacabf 100644
		22	--- a/drivers/net/ppp/pptp.c
		23	+++ b/drivers/net/ppp/pptp.c
		24	@@ -420,6 +420,9 @@ static int pptp_bind(struct socket sock, struct sockaddr uservaddr,
		25	struct pptp_opt *opt = &po->proto.pptp;
		26	int error = 0;
		27
		28	+ if (sockaddr_len < sizeof(struct sockaddr_pppox))
		29	+ return -EINVAL;
		30	+
		31	lock_sock(sk);
		32
		33	opt->src_addr = sp->sa_addr.pptp;
		34	@@ -441,6 +444,9 @@ static int pptp_connect(struct socket sock, struct sockaddr uservaddr,
		35	struct flowi4 fl4;
		36	int error = 0;
		37
		38	+ if (sockaddr_len < sizeof(struct sockaddr_pppox))
		39	+ return -EINVAL;
		40	+
		41	if (sp->sa_protocol != PX_PROTO_PPTP)
		42	return -EINVAL;
		43
		44	--
		45	cgit v0.12
		46


diff --git a/recipes-kernel/linux/linux-hierofalcon_3.19.bb b/recipes-kernel/linux/linux-hierofalcon_3.19.bb index 5419b62..5c24d8e 100644 --- a/recipes-kernel/linux/linux-hierofalcon_3.19.bb +++ b/recipes-kernel/linux/linux-hierofalcon_3.19.bb
@@ -37,6 +37,7 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto-3.19;branch="standard/qemuarm6
37	file://ALSA-CVE-2016-2546.patch \	37	file://ALSA-CVE-2016-2546.patch \
38	file://Btrfs-CVE-2015-8374.patch \	38	file://Btrfs-CVE-2015-8374.patch \
39	file://ALSA-CVE-2016-2384.patch \	39	file://ALSA-CVE-2016-2384.patch \
		40	file://net-ppp-CVE-2015-8569.patch \
40	"	41	"
41		42
42	S = "${WORKDIR}/git"	43	S = "${WORKDIR}/git"


diff --git a/recipes-kernel/linux/linux-hierofalcon_4.1.bb b/recipes-kernel/linux/linux-hierofalcon_4.1.bb index 39c40dd..9a0f2d7 100644 --- a/recipes-kernel/linux/linux-hierofalcon_4.1.bb +++ b/recipes-kernel/linux/linux-hierofalcon_4.1.bb
@@ -38,6 +38,7 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto-4.1;branch="standard/qemuarm64
38	file://ALSA-CVE-2016-2546.patch \	38	file://ALSA-CVE-2016-2546.patch \
39	file://Btrfs-CVE-2015-8374.patch \	39	file://Btrfs-CVE-2015-8374.patch \
40	file://ALSA-CVE-2016-2384.patch \	40	file://ALSA-CVE-2016-2384.patch \
		41	file://net-ppp-CVE-2015-8569.patch \
41	"	42	"
42		43
43	S = "${WORKDIR}/git"	44	S = "${WORKDIR}/git"