[meta-ti] [PATCH] linux-keystone: Fix CVE-2014-2309

Sona Sarmadi sona.sarmadi at enea.com
Tue Aug 5 05:25:05 PDT 2014


Fix for CVE-2014-2309 - don't set DST_NOCOUNT for remotely added routes.

Signed-off-by: Sona Sarmadi <sona.sarmadi at enea.com>
---
 ...14-2309-dont-set-DST_NOCOUNT-for-remotely.patch | 36 ++++++++++++++++++++++
 recipes-kernel/linux/linux-keystone_3.10.bb        |  1 +
 2 files changed, 37 insertions(+)
 create mode 100644 recipes-kernel/linux/files/Fix-CVE-2014-2309-dont-set-DST_NOCOUNT-for-remotely.patch

diff --git a/recipes-kernel/linux/files/Fix-CVE-2014-2309-dont-set-DST_NOCOUNT-for-remotely.patch b/recipes-kernel/linux/files/Fix-CVE-2014-2309-dont-set-DST_NOCOUNT-for-remotely.patch
new file mode 100644
index 0000000..044e2e1
--- /dev/null
+++ b/recipes-kernel/linux/files/Fix-CVE-2014-2309-dont-set-DST_NOCOUNT-for-remotely.patch
@@ -0,0 +1,36 @@
+From b3da7f60d51cebeecde61349e0f9a7c319293317 Mon Sep 17 00:00:00 2001
+From: Sabrina Dubroca <sd at queasysnail.net>
+Date: Thu, 6 Mar 2014 17:51:57 +0100
+Subject: [PATCH] ipv6: don't set DST_NOCOUNT for remotely added routes
+
+DST_NOCOUNT should only be used if an authorized user adds routes
+locally. In case of routes which are added on behalf of router
+advertisments this flag must not get used as it allows an unlimited
+number of routes getting added remotely.
+
+Upstream-Status: Backport
+
+Signed-off-by: Sabrina Dubroca <sd at queasysnail.net>
+Acked-by: Hannes Frederic Sowa <hannes at stressinduktion.org>
+Signed-off-by: David S. Miller <davem at davemloft.net>
+Signed-off-by: Sona Sarmadi <sona.sarmadi at enea.com>
+---
+ net/ipv6/route.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/net/ipv6/route.c b/net/ipv6/route.c
+index bacce6c..b68500a 100644
+--- a/net/ipv6/route.c
++++ b/net/ipv6/route.c
+@@ -1399,7 +1399,7 @@ int ip6_route_add(struct fib6_config *cfg)
+ 	if (!table)
+ 		goto out;
+ 
+-	rt = ip6_dst_alloc(net, NULL, DST_NOCOUNT, table);
++	rt = ip6_dst_alloc(net, NULL, (cfg->fc_flags & RTF_ADDRCONF) ? 0 : DST_NOCOUNT, table);
+ 
+ 	if (!rt) {
+ 		err = -ENOMEM;
+-- 
+1.9.1
+
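Review bot: The `Upstream-Status: Backport` line in the embedded patch header does not say which upstream commit or kernel release it was taken from, and the hash on the `From` line may only be a local one. Suggest recording the upstream commit id next to the status so the backport can be audited and dropped later. The commit message states that routes added on behalf of router advertisements must not get `DST_NOCOUNT`, while the new expression keys on `cfg->fc_flags & RTF_ADDRCONF`. It is worth confirming that in the keystone 3.10.10 tree every router-advertisement path into `ip6_route_add()` sets `RTF_ADDRCONF` in `fc_flags`, and that the `@@ -1399,7 +1399,7 @@` context applies to that tree without fuzz.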
diff --git a/recipes-kernel/linux/linux-keystone_3.10.bb b/recipes-kernel/linux/linux-keystone_3.10.bb
index e90c9fc..0e9e12a 100644
--- a/recipes-kernel/linux/linux-keystone_3.10.bb
+++ b/recipes-kernel/linux/linux-keystone_3.10.bb
@@ -26,6 +26,7 @@ PV = "3.10.10"
 BRANCH = "master"
 SRC_URI = "git://git.ti.com/keystone-linux/linux.git;protocol=git;branch=${BRANCH}\
            file://defconfig\
+           file://Fix-CVE-2014-2309-dont-set-DST_NOCOUNT-for-remotely.patch\
            "
 
 S = "${WORKDIR}/git"
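Review bot: The new `file://Fix-CVE-2014-2309-dont-set-DST_NOCOUNT-for-remotely.patch\` entry in SRC_URI has no note on when it should be dropped. The kernel source is fetched from `git://git.ti.com/keystone-linux/linux.git` on `${BRANCH}`, so once that tree carries the same change to `net/ipv6/route.c` the patch will no longer apply. Suggest a short comment above SRC_URI, or a line in the commit message, saying the patch is to be removed when the fetched revision includes the fix. The patch filename also starts with a capital letter and repeats the CVE wording; a lowercase name would match the existing `defconfig` entry better.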
-- 
1.9.1


