Commit 593f4dee authored by Bas Zoetekouw

Fix buffer overflow CVE-2018-10689

parent 5fe32b5e
......@@ -6,6 +6,7 @@ blktrace (1.2.0-1) UNRELEASED; urgency=medium
* Change SUggests from libav-tools to ffmpeg (Closes: #895915)
* Fix init.d error when DebugFS is already mounted (Closes: #705269)
* Update Standards-version to version 4.1.4; change proiority to optional
* Fix buffer overflow in btt (CVE-2018-10689) (Closes: #897695)
-- Bas Zoetekouw <bas@debian.org> Sat, 19 May 2018 21:49:22 +0200
......
Last-Update: 2018-05-16
Forwarded: yes
Author: Jens Axboe <axboe@kernel.dk>
Description: fix CVE-2018-10689: make device/devno use PATH_MAX to avoid overflow. Patch from https://git.kernel.org/pub/scm/linux/kernel/git/axboe/blktrace.git/commit/?id=d61ff409cb4dda31386373d706ea0cfb1aaac5b7
--- a/btt/devmap.c
+++ b/btt/devmap.c
@@ -23,7 +23,7 @@
struct devmap {
struct list_head head;
- char device[32], devno[32];
+ char device[PATH_MAX], devno[PATH_MAX];
};
LIST_HEAD(all_devmaps);
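Review bot: Enlarging the arrays at `char device[PATH_MAX], devno[PATH_MAX];` raises the limit but does not by itself bound the write. The code that fills `device` and `devno` is outside this hunk, so please confirm that the copy or scan into these fields is length-limited to the new size; if it is not, a field longer than PATH_MAX would still overrun them. The hunk also adds no `#include`, so check that `<limits.h>` already reaches btt/devmap.c for PATH_MAX. Note too that each `struct devmap` entry now carries two PATH_MAX buffers instead of 64 bytes in total.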
......@@ -3,3 +3,4 @@ man.patch
pdf-date.patch
procnum.patch
spelling.patch
cve-2018-10689
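Review bot: The new series entry `cve-2018-10689` has no `.patch` suffix, unlike the existing entries visible in this hunk (`pdf-date.patch`, `procnum.patch`, `spelling.patch`). Consider renaming the file to `cve-2018-10689.patch` and updating this line to match, so the patch directory stays consistent.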