kernel, branch linux-2.6.13.y

Linux 2.6.13.5

2005-12-15T18:38:27Z

[PATCH] Fix compile error in irq.c

2005-12-15T18:33:18Z

irq.c is missing the inclusion of asm/io.h, which causes readb() and writeb() the be undefined. Signed-off-by: Sven Hartge Signed-off-by: David S. Miller Signed-off-by: Chris Wright Signed-off-by: Greg Kroah-Hartman

[PATCH] CVE-2005-2709 sysctl unregistration oops

2005-12-15T18:33:17Z

You could open the /proc/sys/net/ipv4/conf// file, then wait for interface to go away, try to grab as much memory as possible in hope to hit the (kfreed) ctl_table. Then fill it with pointers to your function. Then do read from file you've opened and if you are lucky, you'll get it called as ->proc_handler() in kernel mode. So this is at least an Oops and possibly more. It does depend on an interface going away though, so less of a security risk than it would otherwise be. Signed-off-by: Greg Kroah-Hartman

[PATCH] br: fix race on bridge del if

2005-12-15T18:33:17Z

This fixes the RCU race on bridge delete interface. Basically, the network device has to be detached from the bridge in the first step (pre-RCU), rather than later. At that point, no more bridge traffic will come in, and the other code will not think that network device is part of a bridge. This should also fix the XEN test problems. If there is another 2.6.13-stable, add it as well. Signed-off-by: Stephen Hemminger Signed-off-by: Chris Wright Signed-off-by: Greg Kroah-Hartman

Linux 2.6.13.4

2005-10-10T18:54:29Z

[PATCH] key: plug request_key_auth memleak (CAN-2005-3119)

2005-10-10T18:50:55Z

Plug request_key_auth memleak. This can be triggered by unprivileged users, so is local DoS. Signed-off-by: Chris Wright Signed-Off-By: David Howells Signed-off-by: Greg Kroah-Hartman

[PATCH] Fix drm 'debug' sysfs permissions

2005-10-10T18:50:55Z

Please consider for next 2.6.13, it is a minor security issue allowing users to turn on drm debugging when they shouldn't... This fell through the cracks. Until Josh pointed me at http://bugs.gentoo.org/show_bug.cgi?id=107893 Signed-off-by: Chris Wright Signed-off-by: Greg Kroah-Hartman

[PATCH] Avoid 'names_cache' memory leak with CONFIG_AUDITSYSCALL

2005-10-10T18:50:54Z

Avoid 'names_cache' memory leak with CONFIG_AUDITSYSCALL The nameidata "last.name" is always allocated with "__getname()", and should always be free'd with "__putname()". Using "putname()" without the underscores will leak memory, because the allocation will have been hidden from the AUDITSYSCALL code. Arguably the real bug is that the AUDITSYSCALL code is really broken, but in the meantime this fixes the problem people see. Reported by Robert Derr, patch by Rick Lindsley. Acked-by: Al Viro Signed-off-by: Linus Torvalds Signed-off-by: Chris Wright Signed-off-by: Greg Kroah-Hartman

[PATCH] Fix userland FPU state corruption.

2005-10-10T18:50:54Z

We need to use stricter memory barriers around the block load and store instructions we use to save and restore the FPU register file. Signed-off-by: David S. Miller Signed-off-by: Chris Wright Signed-off-by: Greg Kroah-Hartman

[PATCH] BIC coding bug in Linux 2.6.13

2005-10-10T18:50:54Z

Please consider this change for 2.6.13-stable Since BIC is the default congestion control algorithm, this fix is quite important. Missing parenthesis in causes BIC to be slow in increasing congestion window. Spotted by Injong Rhee. Signed-off-by: Stephen Hemminger Signed-off-by: David S. Miller Signed-off-by: Chris Wright Signed-off-by: Greg Kroah-Hartman