From: Stefan Schantl Date: Sun, 3 May 2009 09:06:53 +0000 (+0200) Subject: Added a Patch to fix a local privilege escalation in udev. X-Git-Tag: v2.5-beta3~25^2~2 X-Git-Url: http://git.ipfire.org/?p=people%2Fpmueller%2Fipfire-2.x.git;a=commitdiff_plain;h=835b323eff9ae1acea77d9f372260d5ce7fcb385 Added a Patch to fix a local privilege escalation in udev. CVE-2009-1185: udev did not check the origin of the netlink messages. A local attacker could fake device create events and so gain root privileges. More information on: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1186 --- diff --git a/lfs/udev b/lfs/udev index 4667ff4a68..4d14fdee0e 100644 --- a/lfs/udev +++ b/lfs/udev @@ -81,6 +81,7 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar jxf $(DIR_DL)/$(DL_FILE) cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/udev-096-netif_rename.patch + cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/udev-CVE-2009-1186.patch ifeq "$(LFS_PASS)" "install" cd $(DIR_APP) && make DESTDIR=/install/initrd sbindir=/sbin udevdir=/dev cd $(DIR_APP) && make DESTDIR=/install/initrd sbindir=/sbin udevdir=/dev install diff --git a/src/patches/udev-CVE-2009-1186.patch b/src/patches/udev-CVE-2009-1186.patch new file mode 100644 index 0000000000..56332ca64c --- /dev/null +++ b/src/patches/udev-CVE-2009-1186.patch @@ -0,0 +1,20 @@ +--- udev-141/udev/lib/libudev-util.c.CVE-2009-1186 2009-04-08 09:04:26.000000000 -0400 ++++ udev-141/udev/lib/libudev-util.c 2009-04-15 13:25:10.000000000 -0400 +@@ -9,6 +9,7 @@ + * version 2.1 of the License, or (at your option) any later version. + */ + ++#include + #include + #include + #include +@@ -103,6 +104,9 @@ int util_log_priority(const char *priori + + size_t util_path_encode(char *s, size_t len) + { ++ if (len == 0 || len > (SIZE_MAX - 1) / 4) ++ return 0; ++ + char t[(len * 4)+1]; + size_t i, j; +