packages: kernel/kernel-CVE-2011-2700.patch (NEW) - patch fixing CVE-2011-2...

Tue Jul 26 09:56:27 CEST 2011

Author: marti                        Date: Tue Jul 26 07:56:27 2011 GMT
Module: packages                      Tag: HEAD
---- Log message:
- patch fixing CVE-2011-2700
- http://git.kernel.org/?p=linux/kernel/git/longterm/longterm-queue-2.6.33.git;a=blob;f=queue-2.6.33/si4713-i2c-avoid-potential-buffer-overflow-on-si4713.patch;h=d99c471980a074cf4ef55fb4428d5f2fec66bffb

---- Files affected:
packages/kernel:
   kernel-CVE-2011-2700.patch (NONE -> 1.1)  (NEW)

---- Diffs:

================================================================
Index: packages/kernel/kernel-CVE-2011-2700.patch
diff -u /dev/null packages/kernel/kernel-CVE-2011-2700.patch:1.1

--- /dev/null	Tue Jul 26 09:56:27 2011
+++ packages/kernel/kernel-CVE-2011-2700.patch	Tue Jul 26 09:56:22 2011
@@ -0,0 +1,22 @@
+diff -ur linux-2.6.38-orig/drivers/media/radio/si4713-i2c.c linux-2.6.38/drivers/media/radio/si4713-i2c.c
+--- linux-2.6.38-orig/drivers/media/radio/si4713-i2c.c	2011-07-25 08:04:41.000000000 +0200
++++ linux-2.6.38/drivers/media/radio/si4713-i2c.c	2011-07-25 08:11:22.000000000 +0200
+@@ -1033,7 +1033,7 @@
+ 		char ps_name[MAX_RDS_PS_NAME + 1];
+ 
+ 		len = control->size - 1;
+-		if (len > MAX_RDS_PS_NAME) {
++		if (len < 0 || len > MAX_RDS_PS_NAME) {
+ 			rval = -ERANGE;
+ 			goto exit;
+ 		}
+@@ -1057,7 +1057,7 @@
+ 		char radio_text[MAX_RDS_RADIO_TEXT + 1];
+ 
+ 		len = control->size - 1;
+-		if (len > MAX_RDS_RADIO_TEXT) {
++		if (len < 0 || len > MAX_RDS_RADIO_TEXT) {
+ 			rval = -ERANGE;
+ 			goto exit;
+ 		}
+Only in linux-2.6.38/drivers/media/radio: si4713-i2c.c~
================================================================
