[kernel] r6668 - in dists/sid/linux-2.6/debian: patches patches/series

maximilian attems maks-guest at costa.debian.org
Mon May 22 20:31:37 UTC 2006 

Author: maks-guest
Date: Mon May 22 20:31:36 2006
New Revision: 6668

Added:
   dists/sid/linux-2.6/debian/patches/2.6.16.18
   dists/sid/linux-2.6/debian/patches/series/15
Modified:
   dists/sid/linux-2.6/debian/changelog

Log:
add 2.6.16.18


Modified: dists/sid/linux-2.6/debian/changelog
==============================================================================
--- dists/sid/linux-2.6/debian/changelog	(original)
+++ dists/sid/linux-2.6/debian/changelog	Mon May 22 20:31:36 2006
@@ -1,3 +1,10 @@
+linux-2.6 (2.6.16-15) UNRELEASED; urgency=low
+
+  * Add stable release 2.6.16.18:
+    - NETFILTER: SNMP NAT: fix memory corruption (CVE-2006-2444)
+
+ -- maximilian attems <maks at sternwelten.at>  Mon, 22 May 2006 22:25:35 +0200
+
 linux-2.6 (2.6.16-14) unstable; urgency=low
 
   [ Bastian Blank ]

Added: dists/sid/linux-2.6/debian/patches/2.6.16.18
==============================================================================
--- (empty file)
+++ dists/sid/linux-2.6/debian/patches/2.6.16.18	Mon May 22 20:31:36 2006
@@ -0,0 +1,36 @@
+diff --git a/net/ipv4/netfilter/ip_nat_snmp_basic.c b/net/ipv4/netfilter/ip_nat_snmp_basic.c
+index 4f95d47..df57e7a 100644
+--- a/net/ipv4/netfilter/ip_nat_snmp_basic.c
++++ b/net/ipv4/netfilter/ip_nat_snmp_basic.c
+@@ -1000,12 +1000,12 @@ static unsigned char snmp_trap_decode(st
+ 		
+ 	return 1;
+ 
++err_addr_free:
++	kfree((unsigned long *)trap->ip_address);
++
+ err_id_free:
+ 	kfree(trap->id);
+ 
+-err_addr_free:
+-	kfree((unsigned long *)trap->ip_address);
+-	
+ 	return 0;
+ }
+ 
+@@ -1123,11 +1123,10 @@ static int snmp_parse_mangle(unsigned ch
+ 		struct snmp_v1_trap trap;
+ 		unsigned char ret = snmp_trap_decode(&ctx, &trap, map, check);
+ 		
+-		/* Discard trap allocations regardless */
+-		kfree(trap.id);
+-		kfree((unsigned long *)trap.ip_address);
+-		
+-		if (!ret)
++		if (ret) {
++			kfree(trap.id);
++			kfree((unsigned long *)trap.ip_address);
++		} else 
+ 			return ret;
+ 		
+ 	} else {

Added: dists/sid/linux-2.6/debian/patches/series/15
==============================================================================
--- (empty file)
+++ dists/sid/linux-2.6/debian/patches/series/15	Mon May 22 20:31:36 2006
@@ -0,0 +1 @@
++ 2.6.16.18

More information about the Kernel-svn-changes mailing list