Bug 132855 - Kernel: fs/locks.c Fix lease_init (CVE-2006-{1859,1860})
It is insane to be giving lease_init() the task of freeing the lock it is
supposed to initialise, given that the lock is not guaranteed to be
allocated on the stack. This causes lockups in fcntl_setlease().
Problem diagnosed by Daniel Hokka Zakrisson <daniel@hozac.com>
Also fix a slab leak in __setlease() due to an uninitialised return value.
Problem diagnosed by Björn Steinbrink.
Tested-by: Daniel Hokka Zakrisson <daniel@hozac.com>
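The commit message states the ownership rule behind both fixes: the caller that allocates the lock owns it, so the initialiser must never free it, and the caller's error variable must be set before any early exit or a failure path can skip the free. The following is a constructed userland model of that rule, added here as an illustration; it is not kernel code and not the patch, and every name in it is invented.

```c
#include <errno.h>
#include <stdlib.h>
/* Constructed userland model of the ownership rule stated in the commit
 * message above; not kernel code, every name here is invented. The lock
 * object is allocated by the caller, so only the caller frees it. */
typedef struct model_lock { int type; } model_lock;
static int live_locks;          /* allocations not yet freed (leak detector) */
static model_lock *installed;   /* lease currently held on the modelled file */

static model_lock *model_lock_alloc(void) {
    model_lock *fl = calloc(1, sizeof *fl);
    if (fl) live_locks++;
    return fl;
}
static void model_lock_free(model_lock *fl) {
    if (fl) { live_locks--; free(fl); }
}

/* Initialiser: validates and fills in fl but never frees it, so a failure
 * leaves ownership exactly where it was (the lease_init() side of the fix). */
static int model_lease_init(int type, model_lock *fl) {
    if (type != 0 && type != 1)   /* 0 = read lease, 1 = write lease (model) */
        return -EINVAL;
    fl->type = type;
    return 0;
}

/* Caller: allocates, and frees on every failure path. 'error' is assigned
 * before the first early exit, so no path can return an indeterminate value
 * and skip the free (the __setlease() slab-leak side of the fix). */
static int model_setlease(int type) {
    model_lock *fl = model_lock_alloc();
    int error = fl ? model_lease_init(type, fl) : -ENOMEM;
    if (error)
        goto out_free;
    if (installed) {              /* model: the file already has a lease */
        error = -EAGAIN;
        goto out_free;
    }
    installed = fl;               /* ownership passes to the lease list */
    return 0;
out_free:
    model_lock_free(fl);
    return error;
}

static int model_live_locks(void) { return live_locks; }
/* Drops the installed lease; returns allocations still live (0 if clean). */
static int model_lease_release(void) {
    model_lock_free(installed);
    installed = NULL;
    return live_locks;
}
```

A failed call must leave the live-allocation count unchanged, and releasing the held lease must bring it back to zero.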
2.6.16.16 released to fix this issue.
*** Bug 133024 has been marked as a duplicate of this bug. ***
Dan, please bump genpatches to .16.16. Thanks.
Fixed in genpatches-2.6.16-10 (gentoo-sources-2.6.16-r8)
*** Bug 133863 has been marked as a duplicate of this bug. ***
Maintainers please bump:
hardened-sources-2.6: johnm, hardened herd
hppa-sources-2.6: GMSoft
rsbac-sources-2.6: kang
sh-sources-2.6: vapier
suspend2-sources-2.6: brix
usermode-sources-2.6: dang
hppa-sources-2.6.16.18-pa11 in the tree.
Fixed in sys-kernel/suspend2-sources-2.6.16-r7.
usermode bumped to 2.6.16-r1
All fixed, closing. vapier please bump sh-sources.