ACK/cmnt: [Precise][P/lts-backport-quantal][P/lts-backport-raring][CVE-2014-4608][PATCH 0/3] lzo: properly check for overruns

Stefan Bader stefan.bader at canonical.com
Mon Jun 30 08:44:27 UTC 2014 

On 27.06.2014 18:39, Luis Henriques wrote:
>  WARNING:
>  The buglink is missing in these patches!  Whoever is applying
>  the patches, please wait for the buglink to be provided!
> 
> Following this email I'm sending 3 patches that include the Precise,
> lts-backport-quantal and lts-backport-raring fix for this CVE.  I've
> used the same approach used by GregKH for the 3.4 stable kernel
> backport, i.e., picked the following 3 commits:
> 
>  b6bec26cea94 "lib/lzo: Rename lzo1x_decompress.c to lzo1x_decompress_safe.c"
No functional change.

>  8b975bd3f908 "lib/lzo: Update LZO compression to current upstream version"
Too big to do a quick review. Since it is a cherry-pick and assuming a bug in
the decompressor would quickly be noticed (on the other hand there is patch #3)
the risk should be okay-ish...

>  206a81c18401 "lzo: properly check for overruns"

Looks to be adding the constraints the description claims. Though goto
statements in defines make me shudder.

-Stefan

> 
> These are all clean cherry-picks for these 3 kernels.
> 
> Greg Kroah-Hartman (1):
>   lzo: properly check for overruns
> 
> Markus F.X.J. Oberhumer (2):
>   lib/lzo: Rename lzo1x_decompress.c to lzo1x_decompress_safe.c
>   lib/lzo: Update LZO compression to current upstream version
> 
>  include/linux/lzo.h             |  15 +-
>  lib/decompress_unlzo.c          |   2 +-
>  lib/lzo/Makefile                |   2 +-
>  lib/lzo/lzo1x_compress.c        | 335 +++++++++++++++++++++++-----------------
>  lib/lzo/lzo1x_decompress.c      | 255 ------------------------------
>  lib/lzo/lzo1x_decompress_safe.c | 257 ++++++++++++++++++++++++++++++
>  lib/lzo/lzodefs.h               |  38 +++--
>  7 files changed, 488 insertions(+), 416 deletions(-)
>  delete mode 100644 lib/lzo/lzo1x_decompress.c
>  create mode 100644 lib/lzo/lzo1x_decompress_safe.c
> 


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 901 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20140630/ad5f0a34/attachment.sig>

More information about the kernel-team mailing list