 Home |
Products |
Support |
Community |
News |
xen-changelog
[Xen-changelog] [linux-2.6.18-xen] CVE-2008-0600: Fix exploitable hole i
| To: | xen-changelog@xxxxxxxxxxxxxxxxxxx |
|---|---|
| Subject: | [Xen-changelog] [linux-2.6.18-xen] CVE-2008-0600: Fix exploitable hole in vmsplice() syscall. |
| From: | "Xen patchbot-linux-2.6.18-xen" <patchbot-linux-2.6.18-xen@xxxxxxxxxxxxxxxxxxx> |
| Date: | Mon, 11 Feb 2008 07:10:36 -0800 |
| Delivery-date: | Mon, 11 Feb 2008 07:12:11 -0800 |
| Envelope-to: | www-data@xxxxxxxxxxxxxxxxxx |
| List-help: | <mailto:xen-changelog-request@lists.xensource.com?subject=help> |
| List-id: | BK change log <xen-changelog.lists.xensource.com> |
| List-post: | <mailto:xen-changelog@lists.xensource.com> |
| List-subscribe: | <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-changelog>, <mailto:xen-changelog-request@lists.xensource.com?subject=subscribe> |
| List-unsubscribe: | <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-changelog>, <mailto:xen-changelog-request@lists.xensource.com?subject=unsubscribe> |
| Reply-to: | xen-devel@xxxxxxxxxxxxxxxxxxx |
| Sender: | xen-changelog-bounces@xxxxxxxxxxxxxxxxxxx |
# HG changeset patch
# User Keir Fraser <keir.fraser@xxxxxxxxxx>
# Date 1202727927 0
# Node ID 08e85e79c65d0316bfda5e77e8a0dc7ab9ca181a
# Parent 90fbf541d772e9df4e7a4be3ed667d9bac5412c0
CVE-2008-0600: Fix exploitable hole in vmsplice() syscall.
Fix is Al Viro's suggested patch for RHEL5.
Signed-off-by: Keir Fraser <keir.fraser@xxxxxxxxxx>
---
fs/splice.c | 3 +++
1 files changed, 3 insertions(+)
diff -r 90fbf541d772 -r 08e85e79c65d fs/splice.c
--- a/fs/splice.c Mon Feb 11 10:19:25 2008 +0000
+++ b/fs/splice.c Mon Feb 11 11:05:27 2008 +0000
@@ -1141,6 +1141,9 @@ static int get_iovec_page_array(const st
if (unlikely(!base))
break;
+ if (unlikely(!access_ok(VERIFY_READ, base, len)))
+ break;
+
/*
* Get this base offset and number of pages, then map
* in the user pages.
_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-changelog
|
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | [Xen-changelog] [linux-2.6.18-xen] xen balloon: allocate and free cold pages, Xen patchbot-linux-2.6.18-xen |
|---|---|
| Next by Date: | [Xen-changelog] [linux-2.6.18-xen] block: backport Jens Axboe's commit from, Xen patchbot-linux-2.6.18-xen |
| Previous by Thread: | [Xen-changelog] [linux-2.6.18-xen] xen balloon: allocate and free cold pages, Xen patchbot-linux-2.6.18-xen |
| Next by Thread: | [Xen-changelog] [linux-2.6.18-xen] block: backport Jens Axboe's commit from, Xen patchbot-linux-2.6.18-xen |
| Indexes: | [Date] [Thread] [Top] [All Lists] |
