New Kernel Crash-Exploit discovered

Jon Peatfield J.S.Peatfield at damtp.cam.ac.uk
Wed Jun 16 21:39:24 UTC 2004


I've now picked up those patches (I hadn't known about them since I'd
only been looking on the FL mirrors <doh!>).

I will include these extra patches in my next kernels (building now).

My diff against your 33.7.legacy specfile is now just:

--cut-here--
--- kernel-2.4.spec.33.7.legacy	2004-06-16 21:58:41.000000000 +0100
+++ kernel-2.4.spec	2004-06-16 22:01:35.000000000 +0100
@@ -21,7 +21,7 @@
 # that the kernel isn't the stock RHL kernel, for example by
 # adding some text to the end of the version number.
 #
-%define release 33.7.legacy
+%define release 34.8.JSP
 %define sublevel 20
 %define kversion 2.4.%{sublevel}
 # /usr/src/%{kslnk} -> /usr/src/linux-%{KVERREL}
@@ -291,7 +291,7 @@
 Patch960: linux-2.4.26pre-selected-bits.patch
 Patch970: linux-2.4.25pre-selected-patches.legacy.patch
 Patch980: linux-2.4.26pre-selected-patches.legacy.patch
-Patch990: linux-2.4.27pre-fix-x86-clear_fpu-macro.patch
+Patch990: linux-2.4.x.fpu.patch
 
 #
 # Patches 1000 to 5000 are reserved for bugfixes to drivers and filesystems
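Review bot: The Patch990 line swaps the file in place under the same patch number, and the new name linux-2.4.x.fpu.patch drops both the upstream version and the macro it fixes, so the spec no longer says where the fix came from. Add a comment above Patch990 naming its source (the Bugzilla attachment cited in the changelog hunk). Since no hunk touches the %patch990 application line, also confirm the replacement file applies with the same -p level.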
@@ -338,6 +338,7 @@
 Patch1380: linux-2.4.9-fstat.patch
 Patch1390: linux-2.4.18-irixnfs.patch
 Patch1391: linux-2.4.18-nfs-default-size.patch
+Patch1392: linux-2.4.23-03-fix_osx.dif
 Patch1410: linux-2.4.20-sbp2-smpfixes.patch
 Patch1420: linux-2.4.7-suspend.patch
 Patch1450: linux-2.4.18-orinoco.patch
@@ -956,6 +957,10 @@
 %patch1391 -p1
 #
 
+# this fixes the nfs cookie handling to allow over 8-byte cookies
+# needed for support of osx 10.3 and freebsd.
+%patch1392 -p1
+
 #
 # Fix some firewire deadlocks (fixes from upstream maintainter)
 #
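Review bot: The comment added above %patch1392 says the patch allows "over 8-byte cookies", while the changelog entry in the same diff says "cookies != 8 bytes"; use one wording in both places so the supported cookie sizes are unambiguous. Citing Bugzilla id 125996 in this comment would also let a reader find the rationale without scrolling to the changelog.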
@@ -1936,6 +1941,16 @@
 %changelog
 * Tue Jun 15 2004 Dominic Hargreaves <dom at earth.li>
 - Fix local DoS in "clear_cpu()" macro.
+- See the redhat bugzilla entry:
+- http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=125900
+- which has a proposed patch for RHEL/FC1
+- http://bugzilla.redhat.com/bugzilla/attachment.cgi?id=101125&action=view
+
+* Sat Jun 12 2004 Jon Peatfield <J.S.Peatfield at damtp.cam.ac.uk>
+- nfs patch from Trond to allow us to serve clients which use
+- cookies != 8 bytes, OSX 10.3 uses 30 FreeBSD uses 20...
+- See http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=125996
+- http://www.fys.uio.no/~trondmy/src/Linux-2.4.x/2.4.23-rc1/linux-2.4.23-03-fix_osx.dif
 
 * Thu May 13 2004 Dominic Hargreaves <dom at earth.li>
 - Fix information leak in cpufreq userspace ioctl. (CAN-2004-0228)
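Review bot: The four lines added under the Jun 15 entry are appended to Dominic Hargreaves' changelog entry, so the Patch990 replacement reads as his change rather than yours. Give it a separate entry under your own name, tied to the 34.8.JSP release, and say there that Patch990 was replaced by linux-2.4.x.fpu.patch. While editing this area, note that the context line says "clear_cpu()" whereas the removed patch file is named for the clear_fpu macro.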
--cut-here--

I still need the NFS fix and the fpu patch I included (from RHEL/FC)
patched the x86_64 (not that I have any but I found that one in redhat
bugzilla).

I bumped the version number to note the NFS server fix.  Of course
this has little to do with FL since it doesn't support RH80 :-)

Please don't let my witterings delay the release of the next FL kernel
update!

  -- Jon




