We (the -stable team) are announcing the release of the 2.6.16.19 kernel.

Small fix for information leak with netfilter (CVE-2006-1343).

The diffstat and short summary of the fixes are below.

I'll also be replying to this message with a copy of the patch between
2.6.16.18 and 2.6.16.19, as it is small enough to do so.

The updated 2.6.16.y git tree can be found at:
	git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-2.6.16.y.git
and can be browsed at the normal kernel.org git web browser:
	http://www.kernel.org/git/

thanks,
-chris
--------

 Makefile                                       |    2 +-
 net/ipv4/netfilter/ip_conntrack_core.c         |    1 +
 net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c |    1 +
 3 files changed, 3 insertions(+), 1 deletion(-)

Summary of changes from v2.6.16.18 to v2.6.16.19
================================================

Chris Wright:
      Linux 2.6.16.19

Marcel Holtmann:
      NETFILTER: Fix small information leak in SO_ORIGINAL_DST (CVE-2006-1343)
diff --git a/Makefile b/Makefile
index 2567664..bf2e152 100644
--- a/Makefile
+++ b/Makefile
@@ -1,7 +1,7 @@
VERSION = 2
PATCHLEVEL = 6
SUBLEVEL = 16
-EXTRAVERSION = .18
+EXTRAVERSION = .19
NAME=Sliding Snow Leopard
# *DOCUMENTATION*
diff --git a/net/ipv4/netfilter/ip_conntrack_core.c b/net/ipv4/netfilter/ip_conntrack_core.c
index 84c66db..43f6b45 100644
--- a/net/ipv4/netfilter/ip_conntrack_core.c
+++ b/net/ipv4/netfilter/ip_conntrack_core.c
@@ -1318,6 +1318,7 @@ getorigdst(struct sock *sk, int optval,
.tuple.dst.u.tcp.port;
sin.sin_addr.s_addr = ct->tuplehash[IP_CT_DIR_ORIGINAL]
.tuple.dst.ip;
+ memset(sin.sin_zero, 0, sizeof(sin.sin_zero));
DEBUGP("SO_ORIGINAL_DST: %u.%u.%u.%u %u\n",
NIPQUAD(sin.sin_addr.s_addr), ntohs(sin.sin_port));
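Review bot: the added memset in getorigdst() clears only sin.sin_zero, so the fix still relies on every other member of sin being assigned by hand before the struct is used for SO_ORIGINAL_DST. Clearing the whole struct once, for example memset(&sin, 0, sizeof(sin)) ahead of the sin_port and sin_addr.s_addr assignments, would cover sin_zero along with any padding or later-added member and would not need revisiting if the layout changes. A one-line comment stating that the clear is there to avoid returning stale bytes (CVE-2006-1343) would keep it from being removed as redundant later.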
diff --git a/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c b/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c
index 6c8624a..62a0f52 100644
--- a/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c
+++ b/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c
@@ -354,6 +354,7 @@ getorigdst(struct sock *sk, int optval,
.tuple.dst.u.tcp.port;
sin.sin_addr.s_addr = ct->tuplehash[IP_CT_DIR_ORIGINAL]
.tuple.dst.u3.ip;
+ memset(sin.sin_zero, 0, sizeof(sin.sin_zero));
DEBUGP("SO_ORIGINAL_DST: %u.%u.%u.%u %u\n",
NIPQUAD(sin.sin_addr.s_addr), ntohs(sin.sin_port));
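Review bot: this is the same one-line clear of sin.sin_zero as in ip_conntrack_core.c, applied to a second getorigdst() whose visible lines differ only in reading .tuple.dst.u3.ip instead of .tuple.dst.ip. Two hand-maintained copies of the same sockaddr_in fill are easy to fix in one file and miss in the other, so consider a small shared helper that zeroes and fills the struct, or at least a comment in each copy pointing at its twin. The same suggestion applies here as in the first copy: zeroing all of sin before the assignments is more robust than clearing the one member.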