linux: Add patch to fix CVE-2016-5829 (#16824)

Fixed for all available 4.x series kernels.

From CVE-2016-5829:

  Multiple heap-based buffer overflows in the hiddev_ioctl_usage function
  in drivers/hid/usbhid/hiddev.c in the Linux kernel through 4.6.3 allow
  local users to cause a denial of service or possibly have unspecified
  other impact via a crafted (1) HIDIOCGUSAGES or (2) HIDIOCSUSAGES ioctl
  call.
Franz Pletz
2016-07-12 20:56:50 +02:00
committed by GitHub
parent 724224f8f7
commit dde259dfb5
2 changed files with 28 additions and 5 deletions

@@ -1,4 +1,4 @@
{ stdenv, fetchurl, pkgs }:
{ stdenv, fetchurl, fetchpatch, pkgs }:
let
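Review bot: Adding `fetchpatch` to the argument set on the first line makes it a required argument of this file, so any call site that passes arguments explicitly instead of going through `callPackage` must now supply it. The call site is not visible in this diff; please confirm it evaluates, or take it from the `pkgs` argument that is already in scope (`pkgs.fetchpatch`) and leave the signature unchanged.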
@@ -140,4 +140,12 @@ rec {
{ name = "qat_common_Makefile";
patch = ./qat_common_Makefile.patch;
};
hiddev_CVE_2016_5829 =
{ name = "hiddev_CVE_2016_5829";
patch = fetchpatch {
url = "https://sources.debian.net/data/main/l/linux/4.6.3-1/debian/patches/bugfix/all/HID-hiddev-validate-num_values-for-HIDIOCGUSAGES-HID.patch";
sha256 = "14rm1qr87p7a5prz8g5fwbpxzdp3ighj095x8rvhm8csm20wspyy";
};
};
}
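Review bot: The `url` in the new `hiddev_CVE_2016_5829` entry points at a Debian source path pinned to package version 4.6.3-1, so a security fix for every 4.x kernel here depends on that packaging tree staying available at exactly this path. The `sha256` protects the content, but not availability: if the path goes away, the kernels that carry this patch stop building. Consider fetching the corresponding upstream kernel commit instead, or at least add a comment naming it. A short comment stating that the CVE affects kernels through 4.6.3 would also tell the next maintainer when this entry can be dropped. The hunk only defines the patch; the second changed file, where it is presumably added to each kernel's patch list, is not shown here, so the claim "Fixed for all available 4.x series kernels" cannot be checked from this diff alone.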