Xen project Mailing List

RE: [Xen-devel] general kernel NULL pointer vulnerability

To: "Keir Fraser" <keir.fraser@xxxxxxxxxxxxx>, <xen-devel@xxxxxxxxxxxxxxxxxxx>

From: "netz-haut - stephan seitz" <s.seitz@xxxxxxxxxxxx>

Date: Fri, 14 Aug 2009 17:40:29 +0200

Cc:

Delivery-date: Fri, 14 Aug 2009 08:41:17 -0700

List-id: Xen developer discussion <xen-devel.lists.xensource.com>

Thread-index: Acoc1GvDqgYJmIjHEd7GhwBQBPU9LAAB3eEjAAZOhZA=

Thread-topic: [Xen-devel] general kernel NULL pointer vulnerability

Hi Keir, I assume the following patch to net/socket.c utilizes the same code as the later intruced kernel_sendpage() wrapper. 701,704c701 < if (sock->ops->sendpage) < return sock->ops->sendpage(sock, page, offset, size, flags); < < return sock_no_sendpage(sock, page, offset, size, flags); --- > return sock->ops->sendpage(sock, page, offset, size, flags); Regards, Stephan > -----Original Message----- > From: Keir Fraser [mailto:keir.fraser@xxxxxxxxxxxxx] > Sent: Friday, August 14, 2009 2:37 PM > To: netz-haut - stephan seitz; xen-devel@xxxxxxxxxxxxxxxxxxx > Subject: Re: [Xen-devel] general kernel NULL pointer vulnerability > > There is no kernel_sendpage() in 2.6.18, so the patch cannot apply as > it is. > We should apply an equivalent though, I agree. > > -- Keir > > On 14/08/2009 12:43, "netz-haut - stephan seitz" <s.seitz@xxxxxxxxxxxx> > wrote: > > > Hi there, > > > > Due to http://lwn.net/Articles/347006/ > > or http://lists.grok.org.uk/pipermail/full-disclosure/2009- > August/070197.html > > > > the xenified 2.6.18 is also vulnerable. > > > > Linus did a working but questionable fix > > > > http://git.kernel.org/?p=linux/kernel/git/torvalds/linux- > 2.6.git;a=blobdiff;f= > > > net/socket.c;h=6d47165590473daa4990bf69b0435d5c49b41302;hp=791d71a36a93 > dfec516 > > > 6fe05e2e0cb394cfa904b;hb=e694958388c50148389b0e9b9e9e8945cf0f1b98;hpb=a > 3620f75 > > 45344f932873bf98fbdf416b49409c8e > > > > I'd like to ask if you're going to add a patch to net/socket.c: > > sock_sendpage() in your xen repository? > > > > Regards, > > > > > > > > > > Mit freundlichen Gruessen > > > > -- > > Stephan Seitz > > Senior System Administrator > > > > *netz-haut* e.K. > > multimediale kommunikation > > > > zweierweg 22 > > 97074 würzburg > > > > fon: +49 931 2876247 > > fax: +49 931 2876248 > > > > web: http://www.netz-haut.de/ > > > > registriergericht: amtsgericht würzburg, hra 5054 > > > > > > > > > > _______________________________________________ > > Xen-devel mailing list > > Xen-devel@xxxxxxxxxxxxxxxxxxx > > http://lists.xensource.com/xen-devel > Mit freundlichen Gruessen -- Stephan Seitz Senior System Administrator *netz-haut* e.K. multimediale kommunikation zweierweg 22 97074 würzburg fon: +49 931 2876247 fax: +49 931 2876248 web: http://www.netz-haut.de/ registriergericht: amtsgericht würzburg, hra 5054 _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-devel

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.