[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-users] patch against general kernel NULL pointer vulnurability


  • To: <xen-users@xxxxxxxxxxxxxxxxxxx>
  • From: "netz-haut - stephan seitz" <s.seitz@xxxxxxxxxxxx>
  • Date: Fri, 14 Aug 2009 13:51:05 +0200
  • Delivery-date: Fri, 14 Aug 2009 04:52:03 -0700
  • List-id: Xen user discussion <xen-users.lists.xensource.com>
  • Thread-index: Acoc1YEPv1IfZojIEd7GhwBQBPU9LA==
  • Thread-topic: patch against general kernel NULL pointer vulnurability

Hi there,

Due to http://lwn.net/Articles/347006/
or http://lists.grok.org.uk/pipermail/full-disclosure/2009-August/070197.html

virtually all x86 and x86_64 kernels are vulnerable.

I patched and build a 2.6.29-xen-r4 kernel which has been posted on this list
a few weeks ago. I'm using this kernel after a lot of testing productive.

D/L here: http://www.schwarz-mode.de/files/xen-newer-stuff/

Original patch: 
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=blobdiff;f=net/socket.c;h=6d47165590473daa4990bf69b0435d5c49b41302;hp=791d71a36a93dfec5166fe05e2e0cb394cfa904b;hb=e694958388c50148389b0e9b9e9e8945cf0f1b98;hpb=a3620f7545344f932873bf98fbdf416b49409c8e

I'll build a 2.6.18.8-xen from xensource repo also, but as I'm currently running
most machines with 2.6.29-xen-r4 this is not on my prio list.

Regards,



Mit freundlichen Gruessen

--
Stephan Seitz
Senior System Administrator

*netz-haut* e.K.
multimediale kommunikation

zweierweg 22
97074 würzburg

fon: +49 931 2876247
fax: +49 931 2876248

web: http://www.netz-haut.de/

registriergericht: amtsgericht würzburg, hra 5054




_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.