Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 188500 Details for
Bug 266290
<sys-fs/udev-124-r2: Local root exploit (CVE-2009-{1185,1186})
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
udev-124.patch
udev-124.patch (text/plain), 1.13 KB, created by
Robert Buchholz (RETIRED)
on 2009-04-15 20:59:12 UTC
(
hide
)
Description:
udev-124.patch
Filename:
MIME Type:
Creator:
Robert Buchholz (RETIRED)
Created:
2009-04-15 20:59:12 UTC
Size:
1.13 KB
patch
obsolete
>diff -ruNp udev-124~/udevd.c udev-124/udevd.c >--- udev-124~/udevd.c 2008-06-11 22:24:30.000000000 -0700 >+++ udev-124/udevd.c 2009-04-08 16:30:06.000000000 -0700 >@@ -753,16 +753,34 @@ static struct udevd_uevent_msg *get_netl > struct udevd_uevent_msg *msg; > int bufpos; > ssize_t size; >+ struct sockaddr_nl snl; >+ struct msghdr smsg; >+ struct iovec iov; > static char buffer[UEVENT_BUFFER_SIZE+512]; > char *pos; > >- size = recv(uevent_netlink_sock, &buffer, sizeof(buffer), 0); >+ iov.iov_base = buffer; >+ iov.iov_len = sizeof(buffer); >+ >+ memset(&smsg, 0x00, sizeof(struct msghdr)); >+ smsg.msg_name = &snl; >+ smsg.msg_namelen = sizeof(struct sockaddr_nl); >+ smsg.msg_iov = &iov; >+ smsg.msg_iovlen = 1; >+ >+ size = recvmsg(uevent_netlink_sock, &smsg, 0); > if (size < 0) { > if (errno != EINTR) > err("unable to receive kernel netlink message: %s\n", strerror(errno)); > return NULL; > } > >+ if ((snl.nl_groups != 1) || (snl.nl_pid != 0)) { >+ info("ignored netlink message from invalid group/sender %d/%d\n", >+ snl.nl_groups, snl.nl_pid); >+ return NULL; >+ } >+ > if ((size_t)size > sizeof(buffer)-1) > size = sizeof(buffer)-1; > buffer[size] = '\0';
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 266290
: 188500