http://isec.pl/vulnerabilities/isec-0019-scm.txt http://isec.pl/vulnerabilities/isec-0018-igmp.txt
Separating the two issues. this one will be for the IGMP one : Synopsis: Linux kernel IGMP vulnerabilities Product: Linux kernel Version: 2.4 up to and including 2.4.28, 2.6 up to and including 2.6.9 Vendor: http://www.kernel.org/ URL: http://isec.pl/vulnerabilities/isec-0018-igmp.txt CVE: CAN-2004-1137 Author: Paul Starzetz <ihaquer@isec.pl> Date: Dec 14, 2004 BK changesets : http://linux.bkbits.net:8080/linux-2.4/cset@41b76e94BsJKm8jhVtyDat9ZM1dXXg http://linux.bkbits.net:8080/linux-2.6/cset@41b768d1ySHbfa7cUWDle8NjDT_02A http://linux.bkbits.net:8080/linux-2.6/cset@41b76c07Ee61GkoNwMH-oOvWG2FdxA
*** Bug 73210 has been marked as a duplicate of this bug. ***
The BK changesets in comment #1 appear to be for isec-0019-scm
Yes, you're right... I was confused by those CMSG/IGMP stuff. Latest patch by Chris Wright follows.
Created attachment 46018 [details, diff] Patch (2.4/2.6) Patch by Chris Wright (chrisw@osdl.org)
Any version for 2.4.28 available? Attachment 46018 [details, diff] doesn't apply on it.
Any fixed version coming to portage?
Ah, sorry. gentoo-dev-sources-2.6.9-r10 has the fix, but is masked. May I suggest unmasking?
sparc-sources 2.4.28-r2 are patched
Doesn't affect <= 2.4.21...
Patched in ~x86 hardened-sources-2.4.28-r1
Ok, all patched - the following externally maintained sources still need patching: gentoo-dev-sources-2.6.7 -- Adding dsd... hppa(-dev)-sources -- Adding GMSoft... mips-sources -- Adding `Kumba... openmosix-sources -- Adding cluster herd... pegasos-dev-sources -- Adding dholm... rsbac(-dev)-sources -- Adding kang...
hardened-dev-sources-r18 fixed
gentoo-dev-sources 2.6.8 (not 2.6.7) is eradicators deal
Sorry, sparc is actually on 2.6.9 and already done
pegasos-dev-sources fixed
2.4 is dropped on hppa and I've added 2.6.10-pa1 which doesn't seems affected by this problem.
done in oM6-sources.
mips-sources fixed.
rsbac-dev-sources/rsbac-sources patched
kang: 2.6.10 and 2.4.28-r2 need stabilizing...
Tim Yamin : I'm working on it. Didn't had inet the past weeks due to a big isp failure.. i just got it back today. I was able to commit a few things in between ;) will get that ready before 2005.0 snapshot (luckily isp doesn't fails tomorrow again ;)
Mass-Ccing kern-sec@gentoo.org to make sure Kernel Security guys know about all of these...
All fixed, closing bug.
http://git.kernel.org/?p=linux/kernel/git/tglx/history.git;a=commit;h=620512af09f33236b4ea04372816b761d48586d9 http://git.kernel.org/?p=linux/kernel/git/tglx/history.git;a=commit;h=cfd024d7691544c8b666a7b6aa1e44215775de6b