summaryrefslogtreecommitdiffstats
path: root/sys/compat
diff options
context:
space:
mode:
authorglebius <glebius@FreeBSD.org>2016-01-14 09:11:42 +0000
committerglebius <glebius@FreeBSD.org>2016-01-14 09:11:42 +0000
commit924e9fd65e75f0b1f25b22443f905c323a489c11 (patch)
tree0ead046e380329851a42682978596c116adac8dc /sys/compat
parent66d55487b96620356eabe606681cb650cab137a9 (diff)
downloadFreeBSD-src-924e9fd65e75f0b1f25b22443f905c323a489c11.zip
FreeBSD-src-924e9fd65e75f0b1f25b22443f905c323a489c11.tar.gz
o Fix SCTP ICMPv6 error message vulnerability. [SA-16:01.sctp]
o Fix Linux compatibility layer incorrect futex handling. [SA-16:03.linux] o Fix Linux compatibility layer setgroups(2) system call. [SA-16:04.linux] o Fix TCP MD5 signature denial of service. [SA-16:05.tcp] o Fix insecure default bsnmpd.conf permissions. [SA-16:06.bsnmpd] Security: FreeBSD-SA-16:01.sctp, CVE-2016-1879 Security: FreeBSD-SA-16:03.linux, CVE-2016-1880 Security: FreeBSD-SA-16:04.linux, CVE-2016-1881 Security: FreeBSD-SA-16:05.tcp, CVE-2016-1882 Security: FreeBSD-SA-16:06.bsnmpd, CVE-2015-5677
Diffstat (limited to 'sys/compat')
-rw-r--r--sys/compat/linux/linux_futex.c2
-rw-r--r--sys/compat/linux/linux_misc.c4
2 files changed, 4 insertions, 2 deletions
diff --git a/sys/compat/linux/linux_futex.c b/sys/compat/linux/linux_futex.c
index 4573f73..c7688ae 100644
--- a/sys/compat/linux/linux_futex.c
+++ b/sys/compat/linux/linux_futex.c
@@ -1132,7 +1132,7 @@ linux_get_robust_list(struct thread *td, struct linux_get_robust_list_args *args
return (EFAULT);
}
- error = copyout(head, args->head, sizeof(struct linux_robust_list_head));
+ error = copyout(&head, args->head, sizeof(head));
if (error) {
LIN_SDT_PROBE1(futex, linux_get_robust_list, copyout_error,
error);
diff --git a/sys/compat/linux/linux_misc.c b/sys/compat/linux/linux_misc.c
index d87d786..8f2a687 100644
--- a/sys/compat/linux/linux_misc.c
+++ b/sys/compat/linux/linux_misc.c
@@ -1302,9 +1302,11 @@ linux_setgroups(struct thread *td, struct linux_setgroups_args *args)
if (error)
goto out;
newcred = crget();
+ crextend(newcred, ngrp + 1);
p = td->td_proc;
PROC_LOCK(p);
- oldcred = crcopysafe(p, newcred);
+ oldcred = p->p_ucred;
+ crcopy(newcred, oldcred);
/*
* cr_groups[0] holds egid. Setting the whole set from
OpenPOWER on IntegriCloud