ubuntu-x-swat team mailing list archive

Thread
Date

[Bug 642518] Re: package fglrx 2:8.723.1-0ubuntu4 failed to install/upgrade: fglrx kernel module failed to build

To: ubuntu-x-swat@xxxxxxxxxxxxxxxxxxx
From: Evan Broder <evan@xxxxxxxxxxx>
Date: Sun, 19 Sep 2010 07:11:44 -0000
Reply-to: Bug 642518 <642518@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

Well, here's one option. Since CVE-2010-3081 was about not checking
access_ok() on the return value from (arch_)compat_alloc_user_space, we
can add that check to KCL_IOCTL_AllocUserSpace32, use
arch_compat_alloc_user_space, and side-step the GPL-only-ness of
compat_alloc_user_space. It's not pretty, and could be dangerous if
there are future security-related changes to the new
compat_alloc_user_space.

This patch re-writes KCL_IOCTL_AllocUserSpace32 to use
arch_compat_alloc_user_space and check access_ok(). Currently it will
only compile on kernels with the CVE-2010-3081 patch; it would need to
be tweaked to use compat_alloc_user_space if
arch_compat_alloc_user_space isn't defined.

** Patch added: "fglrx-installer_8.723.1-0ubuntu5.debdiff"
   https://bugs.launchpad.net/ubuntu/+source/fglrx-installer/+bug/642518/+attachment/1606715/+files/fglrx-installer_8.723.1-0ubuntu5.debdiff

** Changed in: fglrx-installer (Ubuntu)
       Status: In Progress => Confirmed

** Changed in: fglrx-installer (Ubuntu)
     Assignee: Evan Broder (broder) => (unassigned)

** Changed in: fglrx-installer (Ubuntu)
   Importance: Undecided => High

-- 
package fglrx 2:8.723.1-0ubuntu4 failed to install/upgrade: fglrx kernel module failed to build
https://bugs.launchpad.net/bugs/642518
You received this bug notification because you are a member of Ubuntu-X,
which is subscribed to fglrx-installer in ubuntu.

References

[Bug 642518] [NEW] package fglrx 2:8.723.1-0ubuntu4 failed to install/upgrade: fglrx kernel module failed to build
From: Matt G, 2010-09-19