lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20081114161155.32573d3b@pedra.chehab.org>
Date:	Fri, 14 Nov 2008 16:11:55 -0200
From:	Mauro Carvalho Chehab <mchehab@...hat.com>
To:	Linus Torvalds <torvalds@...ux-foundation.org>
Cc:	Andrew Morton <akpm@...ux-foundation.org>,
	linux-dvb-maintainer@...uxtv.org, video4linux-list@...hat.com,
	linux-kernel@...r.kernel.org, security@...nel.org,
	Eugene Teo <eteo@...hat.com>,
	Arjan van de Ven <arjan@...radead.org>
Subject: [GIT PATCHES for 2.6.28] V4L/DVB security fixes (CVE-2008-5033)

Linus,

Please pull from:
        ssh://master.kernel.org/pub/scm/linux/kernel/git/mchehab/linux-2.6.git for_linus

For a series of fixes at tvaudio module motivated by CVE-2008-5033.

This module were written back on 2000 and weren't receiving much 
attention nowadays. The only patches lately were related to API improvements
elsewhere (like V4L2 conversion and I2C changes).

This patch series fixes a memory leak and improves the error handling inside
the driver to reduce the potential risk of security issues, properly fixing
CVE-2008-5033.

It consists of the following patches:
   - tvaudio: fix a memory leak;
   - tvaudio: instead of using a magic number, use ARRAY_SIZE;
   - tvaudio: cleanup - group all callbacks together;
   - tvtime: remove generic_checkmode callback;
   - tvaudio: add additional logic to avoid OOPS;
   - tvaudio: update initial comments;
   - tvaudio: use a direct reference for chip description;
   - Avoid writing outside shadow.bytes[] array;
   - tvaudio: Improve comments and remove a unneeded prototype;
   - tvaudio: Improve debug msg by printing something more human;
   - CVE-2008-5033: fix OOPS on tvaudio when controlling bass/treble.

Cheers,
Mauro.

---

 drivers/media/video/tvaudio.c |  233 ++++++++++++++++++++++++++---------------
 1 files changed, 150 insertions(+), 83 deletions(-)

Mauro Carvalho Chehab (11):
      V4L/DVB (9613): tvaudio: fix a memory leak
      V4L/DVB (9615): tvaudio: instead of using a magic number, use ARRAY_SIZE
      V4L/DVB (9616): tvaudio: cleanup - group all callbacks together
      V4L/DVB (9617): tvtime: remove generic_checkmode callback
      V4L/DVB (9618): tvaudio: add additional logic to avoid OOPS
      V4L/DVB (9619): tvaudio: update initial comments
      V4L/DVB (9620): tvaudio: use a direct reference for chip description
      V4L/DVB (9621): Avoid writing outside shadow.bytes[] array
      V4L/DVB (9622): tvaudio: Improve comments and remove a unneeded prototype
      V4L/DVB (9623): tvaudio: Improve debug msg by printing something more human
      V4L/DVB (9624): CVE-2008-5033: fix OOPS on tvaudio when controlling bass/treble

---------------------------------------------------
V4L/DVB development is hosted at http://linuxtv.org
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ