Linux v5.0-rc2-141-g47bfa6d9dc8c

CVE-2019-3701.patch

@@ -1,42 +0,0 @@
-From linux-netdev  Thu Jan 03 12:26:34 2019
-From: Oliver Hartkopp <socketcan () hartkopp ! net>
-Date: Thu, 03 Jan 2019 12:26:34 +0000
-To: linux-netdev
-Subject: [PATCH] can: gw: ensure DLC boundaries after CAN frame modification
-Message-Id: <20190103122634.2530-1-socketcan () hartkopp ! net>
-X-MARC-Message: https://marc.info/?l=linux-netdev&m=154651842302479
-
-The CAN frame modification rules allow bitwise logical operations which can
-be also applied to the can_dlc field. Ensure the manipulation result to
-maintain the can_dlc boundaries so that the CAN drivers do not accidently
-write arbitrary content beyond the data registers in the CAN controllers
-I/O mem when processing can-gw manipulated outgoing frames. When passing these
-frames to user space this issue did not have any effect to the kernel or any
-leaked data as we always strictly copy sizeof(struct can_frame) bytes.
-
-Reported-by: Muyu Yu <ieatmuttonchuan@gmail.com>
-Reported-by: Marcus Meissner <meissner@suse.de>
-Tested-by: Muyu Yu <ieatmuttonchuan@gmail.com>
-Signed-off-by: Oliver Hartkopp <socketcan@hartkopp.net>
-Cc: linux-stable <stable@vger.kernel.org> # >= v3.2
----
- net/can/gw.c | 4 ++++
- 1 file changed, 4 insertions(+)
-
-diff --git a/net/can/gw.c b/net/can/gw.c
-index faa3da88a127..9000d9b8a133 100644
---- a/net/can/gw.c
-+++ b/net/can/gw.c
-@@ -418,6 +418,10 @@ static void can_can_gw_rcv(struct sk_buff *skb, void *data)
- 
- 	/* check for checksum updates when the CAN frame has been modified */
- 	if (modidx) {
-+		/* ensure DLC boundaries after the different mods */
-+		if (cf->can_dlc > 8)
-+			cf->can_dlc = 8;
-+
- 		if (gwj->mod.csumfunc.crc8)
- 			(*gwj->mod.csumfunc.crc8)(cf, &gwj->mod.csum.crc8);
- 
--- 
-2.19.2

gitrev

@@ -1 +1 @@
-fe76fc6aaf538df27708ffa3e5d549a6c8e16142
+47bfa6d9dc8c060bf56554a465c9031e286d2f80

kernel.spec

@@ -71,7 +71,7 @@ Summary: The Linux kernel
 # The rc snapshot level
 %global rcrev 2
 # The git snapshot level
-%define gitrev 1
+%define gitrev 2
 # Set rpm version accordingly
 %define rpmversion 5.%{upstream_sublevel}.0
 %endif
@@ -596,9 +596,6 @@ Patch350: Allwinner-A64-timer-workaround.patch
 # rhbz 1431375
 Patch501: input-rmi4-remove-the-need-for-artifical-IRQ.patch
 
-# CVE-2019-3701 rhbz 1663729 1663730
-Patch503: CVE-2019-3701.patch
-
 # https://patchwork.kernel.org/patch/10752253/
 Patch504: efi-use-32-bit-alignment-for-efi_guid_t.patch
 
@@ -1873,6 +1870,9 @@ fi
 #
 #
 %changelog
+* Wed Jan 16 2019 Laura Abbott <labbott@redhat.com> - 5.0.0-0.rc2.git2.1
+- Linux v5.0-rc2-141-g47bfa6d9dc8c
+
 * Tue Jan 15 2019 Laura Abbott <labbott@redhat.com> - 5.0.0-0.rc2.git1.1
 - Linux v5.0-rc2-36-gfe76fc6aaf53
 

sources

@@ -1,2 +1,2 @@
 SHA512 (linux-5.0-rc2.tar.gz) = 93d1d32cadc1d55354cc7706b718f3a6c46abdf635fda8e4a0c34d9fce79a3a2d8ec5d12850f9813cdea7c7236846b95e1db48498ed8c5b425abd36e4801ed81
-SHA512 (patch-5.0-rc2-git1.xz) = 4dd171b2a3598d0b20204a76ea06af3dfcd9ff8e62ab4ba14cc68d1dc8f96eaba598ce59a61946fb3c5c50c17b7bd1e50f3920bc613ea5b6cc1034aad4d21592
+SHA512 (patch-5.0-rc2-git2.xz) = 765207f481ed1d51cbccd6c7370b44e828b6ee5f33aa976e02b15aafe5fd810c5764f311d124b408fe8e6efc54c19ebc1753ae5fb4877d3d8b4d49b6290559fb