* [ptxdist] [PATCH] screen: Plug CVE-2023-24626.
@ 2023-04-24 17:52 Christian Melki
2023-05-02 7:06 ` [ptxdist] [APPLIED] " Michael Olbrich
0 siblings, 1 reply; 2+ messages in thread
From: Christian Melki @ 2023-04-24 17:52 UTC (permalink / raw)
To: ptxdist
Mishap with priviliged signal handling.
https://nvd.nist.gov/vuln/detail/CVE-2023-24626
* Provide patch as is for 4.9.0, including the whitespace touchup.
Signed-off-by: Christian Melki <christian.melki@t2data.com>
---
...al-sending-permission-check-on-faile.patch | 33 +++++++++++++++++++
patches/screen-4.9.0/series | 3 +-
2 files changed, 35 insertions(+), 1 deletion(-)
create mode 100644 patches/screen-4.9.0/0004-fix-missing-signal-sending-permission-check-on-faile.patch
diff --git a/patches/screen-4.9.0/0004-fix-missing-signal-sending-permission-check-on-faile.patch b/patches/screen-4.9.0/0004-fix-missing-signal-sending-permission-check-on-faile.patch
new file mode 100644
index 000000000..1acd66a19
--- /dev/null
+++ b/patches/screen-4.9.0/0004-fix-missing-signal-sending-permission-check-on-faile.patch
@@ -0,0 +1,33 @@
+From: Alexander Naumov <alexander_naumov@opensuse.org>
+Date: Mon, 30 Jan 2023 17:22:25 +0200
+Subject: [PATCH] fix: missing signal sending permission check on failed query
+ messages
+
+Signed-off-by: Alexander Naumov <alexander_naumov@opensuse.org>
+---
+ socket.c | 9 +++++++--
+ 1 file changed, 7 insertions(+), 2 deletions(-)
+
+diff --git a/socket.c b/socket.c
+index bb68b35353b9..9d874457dfce 100644
+--- a/socket.c
++++ b/socket.c
+@@ -1285,11 +1285,16 @@ ReceiveMsg()
+ else
+ queryflag = -1;
+
+- Kill(m.m.command.apid,
++ if (CheckPid(m.m.command.apid)) {
++ Msg(0, "Query attempt with bad pid(%d)!", m.m.command.apid);
++ }
++ else {
++ Kill(m.m.command.apid,
+ (queryflag >= 0)
+ ? SIGCONT
+ : SIG_BYE); /* Send SIG_BYE if an error happened */
+- queryflag = -1;
++ queryflag = -1;
++ }
+ }
+ break;
+ case MSG_COMMAND:
diff --git a/patches/screen-4.9.0/series b/patches/screen-4.9.0/series
index bf7060df3..11f49d58e 100644
--- a/patches/screen-4.9.0/series
+++ b/patches/screen-4.9.0/series
@@ -3,4 +3,5 @@
0001-comm.h-now-depends-on-term.h.patch
0002-comm.h-needed-for-list_-display-generic-.o.patch
0003-suppress_remap.patch
-# 086ac9b43abed5bb61eef564f1ac00d9 - git-ptx-patches magic
+0004-fix-missing-signal-sending-permission-check-on-faile.patch
+# d9101cb0610499bee9be456b4dc83845 - git-ptx-patches magic
--
2.34.1
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: [ptxdist] [APPLIED] screen: Plug CVE-2023-24626.
2023-04-24 17:52 [ptxdist] [PATCH] screen: Plug CVE-2023-24626 Christian Melki
@ 2023-05-02 7:06 ` Michael Olbrich
0 siblings, 0 replies; 2+ messages in thread
From: Michael Olbrich @ 2023-05-02 7:06 UTC (permalink / raw)
To: ptxdist; +Cc: Christian Melki
Thanks, applied as 959ca2f626413ed5f49450b23ecb77934f738db6.
Michael
[sent from post-receive hook]
On Tue, 02 May 2023 09:06:05 +0200, Christian Melki <christian.melki@t2data.com> wrote:
> Mishap with priviliged signal handling.
> https://nvd.nist.gov/vuln/detail/CVE-2023-24626
>
> * Provide patch as is for 4.9.0, including the whitespace touchup.
>
> Signed-off-by: Christian Melki <christian.melki@t2data.com>
> Message-Id: <20230424175213.1378743-1-christian.melki@t2data.com>
> Signed-off-by: Michael Olbrich <m.olbrich@pengutronix.de>
>
> diff --git a/patches/screen-4.9.0/0004-fix-missing-signal-sending-permission-check-on-faile.patch b/patches/screen-4.9.0/0004-fix-missing-signal-sending-permission-check-on-faile.patch
> new file mode 100644
> index 000000000000..1acd66a1902d
> --- /dev/null
> +++ b/patches/screen-4.9.0/0004-fix-missing-signal-sending-permission-check-on-faile.patch
> @@ -0,0 +1,33 @@
> +From: Alexander Naumov <alexander_naumov@opensuse.org>
> +Date: Mon, 30 Jan 2023 17:22:25 +0200
> +Subject: [PATCH] fix: missing signal sending permission check on failed query
> + messages
> +
> +Signed-off-by: Alexander Naumov <alexander_naumov@opensuse.org>
> +---
> + socket.c | 9 +++++++--
> + 1 file changed, 7 insertions(+), 2 deletions(-)
> +
> +diff --git a/socket.c b/socket.c
> +index bb68b35353b9..9d874457dfce 100644
> +--- a/socket.c
> ++++ b/socket.c
> +@@ -1285,11 +1285,16 @@ ReceiveMsg()
> + else
> + queryflag = -1;
> +
> +- Kill(m.m.command.apid,
> ++ if (CheckPid(m.m.command.apid)) {
> ++ Msg(0, "Query attempt with bad pid(%d)!", m.m.command.apid);
> ++ }
> ++ else {
> ++ Kill(m.m.command.apid,
> + (queryflag >= 0)
> + ? SIGCONT
> + : SIG_BYE); /* Send SIG_BYE if an error happened */
> +- queryflag = -1;
> ++ queryflag = -1;
> ++ }
> + }
> + break;
> + case MSG_COMMAND:
> diff --git a/patches/screen-4.9.0/series b/patches/screen-4.9.0/series
> index bf7060df3881..11f49d58ec56 100644
> --- a/patches/screen-4.9.0/series
> +++ b/patches/screen-4.9.0/series
> @@ -3,4 +3,5 @@
> 0001-comm.h-now-depends-on-term.h.patch
> 0002-comm.h-needed-for-list_-display-generic-.o.patch
> 0003-suppress_remap.patch
> -# 086ac9b43abed5bb61eef564f1ac00d9 - git-ptx-patches magic
> +0004-fix-missing-signal-sending-permission-check-on-faile.patch
> +# d9101cb0610499bee9be456b4dc83845 - git-ptx-patches magic
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2023-05-02 7:07 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2023-04-24 17:52 [ptxdist] [PATCH] screen: Plug CVE-2023-24626 Christian Melki
2023-05-02 7:06 ` [ptxdist] [APPLIED] " Michael Olbrich
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox