[CVE-2010-4158]

Tim Gardner tim.gardner at canonical.com
Fri Feb 18 18:18:48 UTC 2011


On 02/18/2011 09:41 AM, Stefan Bader wrote:
> https://bugs.launchpad.net/ubuntu/dapper/+source/linux/+bug/721282
>
> The sk_run_filter function in net/core/filter.c in the Linux kernel before
> 2.6.36.2 does not check whether a certain memory location has been
> initialized before executing a (1) BPF_S_LD_MEM or (2) BPF_S_LDX_MEM
> instruction, which allows local users to obtain potentially sensitive
> information from kernel stack memory via a crafted socket filter.
>
> Changes are already released in Natty and Maverick. For Lucid, Karmic,
> Hardy the backport just works around different environmental lines of
> code. Same for Dapper, just different lines.
>
> -Stefan
>
>

I'm surprised nobody complained about this patch when it first went
upstream. The substitution of f_k for fentry->k completely obscures the
original intent of the patch. Despite that, ACK for all releases.

Acked-by: Tim Gardner <tim.gardner at canonical.com>

-- 
Tim Gardner tim.gardner at canonical.com
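
As an added illustration, not code from the kernel or from either message above, of the class of check a socket-filter validator needs in order to close the hole the CVE text describes: a single forward pass over a classic BPF program that tracks which scratch slots M[k] have been stored on every path reaching each instruction, and rejects any BPF_LD_MEM or BPF_LDX_MEM that could read a slot no earlier instruction wrote (which is what would otherwise hand stale kernel stack contents to the filter). The opcode values follow the classic BPF encoding from <linux/filter.h>; the instruction struct, the function names and the three sample filters are constructed for this example and are not the upstream fix.

```c
#include <stdint.h>
#include <stdio.h>

/* Classic BPF opcodes (values as encoded in <linux/filter.h>); only the
 * ones this model needs.  LD_MEM and LDX_MEM are the two the CVE names. */
#define BPF_LD_W_ABS   0x20   /* A = 32-bit word at packet offset k */
#define BPF_LD_MEM     0x60   /* A = M[k]                           */
#define BPF_LDX_MEM    0x61   /* X = M[k]                           */
#define BPF_ST         0x02   /* M[k] = A                           */
#define BPF_STX        0x03   /* M[k] = X                           */
#define BPF_JMP_JA     0x05   /* pc += k                            */
#define BPF_JMP_JEQ_K  0x15   /* pc += (A == k) ? jt : jf           */
#define BPF_RET_K      0x06   /* accept k bytes                     */
#define BPF_MEMWORDS   16     /* size of the scratch array M[]      */
#define MAX_INSNS      64     /* limit chosen for this model only   */

struct insn { uint16_t code; uint8_t jt, jf; uint32_t k; };

/* init[pc] = bitmask of scratch slots stored on EVERY path reaching pc.
 * Classic BPF only jumps forward, so one in-order pass sees each
 * predecessor before its successors and merging is a plain intersection.
 * Returns -1 if every M[k] load is dominated by a store to M[k], the pc
 * of the first load that is not, or -2 for a malformed program. */
int check_scratch_init(const struct insn *p, int n)
{
    uint32_t init[MAX_INSNS];
    int pc, t;

    if (n <= 0 || n > MAX_INSNS)
        return -2;
    for (pc = 0; pc < n; pc++)
        init[pc] = 0xFFFFFFFFu;   /* "not reached yet": neutral for &= */
    init[0] = 0;                  /* nothing is initialised on entry   */

    for (pc = 0; pc < n; pc++) {
        const struct insn *f = &p[pc];
        uint32_t valid = init[pc];

        switch (f->code) {
        case BPF_LD_MEM:
        case BPF_LDX_MEM:
            if (f->k >= BPF_MEMWORDS) return -2;
            if (!(valid & (1u << f->k)))
                return pc;        /* would read a never-written slot */
            break;
        case BPF_ST:
        case BPF_STX:
            if (f->k >= BPF_MEMWORDS) return -2;
            valid |= 1u << f->k;
            break;
        case BPF_JMP_JA:
            if (f->k >= (uint32_t)(n - pc - 1)) return -2;
            init[pc + 1 + f->k] &= valid;
            continue;             /* unconditional: no fall-through */
        case BPF_JMP_JEQ_K:
            t = pc + 1 + f->jt; if (t >= n) return -2; init[t] &= valid;
            t = pc + 1 + f->jf; if (t >= n) return -2; init[t] &= valid;
            continue;
        case BPF_RET_K:
            continue;             /* leaves the program */
        default:
            break;                /* other insns touch no scratch slot */
        }
        if (pc + 1 < n)
            init[pc + 1] &= valid;   /* fall-through edge */
    }
    return -1;   /* unreachable insns keep ~0 and are never executed anyway */
}

/* Constructed sample filters (not from the kernel or the mailing list). */
int demo_store_then_load(void)            /* accepted: returns -1 */
{
    const struct insn prog[] = {
        { BPF_LD_W_ABS, 0, 0, 0 }, { BPF_ST, 0, 0, 5 },      /* M[5] = A */
        { BPF_LD_MEM,   0, 0, 5 }, { BPF_RET_K, 0, 0, 0xFFFF } };
    return check_scratch_init(prog, 4);
}
int demo_load_uninitialised(void)         /* the CVE pattern: returns 1 */
{
    const struct insn prog[] = {
        { BPF_LD_W_ABS, 0, 0, 0 }, { BPF_LDX_MEM, 0, 0, 3 }, /* M[3] never written */
        { BPF_RET_K,    0, 0, 0xFFFF } };
    return check_scratch_init(prog, 3);
}
int demo_store_on_one_path(void)          /* store only on jt path: returns 3 */
{
    const struct insn prog[] = {
        { BPF_LD_W_ABS,  0, 0, 0 },
        { BPF_JMP_JEQ_K, 0, 1, 6 },   /* A == 6 ? pc 2 : pc 3 */
        { BPF_ST,        0, 0, 2 },   /* pc 2: M[2] = A       */
        { BPF_LD_MEM,    0, 0, 2 },   /* pc 3: reachable via jf with M[2] unset */
        { BPF_RET_K,     0, 0, 0xFFFF } };
    return check_scratch_init(prog, 5);
}

int main(void)
{
    printf("store then load    -> %d\n", demo_store_then_load());
    printf("load, never stored -> %d\n", demo_load_uninitialised());
    printf("store on one path  -> %d\n", demo_store_on_one_path());
    return 0;
}
```

The third sample is the case a per-instruction scan misses: a store does exist, but only on one branch, so the decision has to be made on the intersection of what all predecessors guarantee, not on whether any store to that slot appears earlier in the program text. Checking at load time, before the filter is attached, is preferable to zeroing the scratch array on every packet, since the cost is paid once per filter rather than once per run.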
