Bug#: 195390
Status: RESOLVED
Resolution: FIXED
Assigned To: Gentoo Security <security@gentoo.org>
Reporter: Tobias Heinlein <keytoaster@gentoo.org>

Description:   Opened: 2007-10-10 16:12 0000
A vulnerability has been reported in util-linux, which potentially can be
exploited by malicious, local users to perform certain actions with escalated
privileges.

The vulnerability is caused due to the mount and umount programs incorrectly
checking the return values of the "setuid()" and "setgid()" functions when
dropping privileges. This can potentially be exploited to perform certain
actions with escalated privileges via e.g. the mount.nfs utility.

The vulnerability is reported in version 2.12r. Other versions may also be
affected.

Solution:
Fixed in the util-linux-ng repository.
http://git.kernel.org/?p=utils/util-linux-ng/util-linux-ng.git;a=commit;h=ebbeb2c7ac1b00b6083905957837a271e80b187e
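
The class of bug described above, as an added example that is not part of the original report and is not util-linux code: a privilege drop that ignores the results of setgid()/setuid(), next to a form that checks them. The function-pointer hooks and `failing_setuid` are hypothetical, introduced only so a failing call can be simulated without root.

```c
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical hooks so a failing setgid()/setuid() can be simulated. */
typedef int (*setgid_fn)(gid_t);
typedef int (*setuid_fn)(uid_t);

/* Simplified unchecked pattern: return values are ignored, so a failed
 * call leaves the process running with whatever IDs it had before. */
static void drop_unchecked(setgid_fn do_setgid, setuid_fn do_setuid)
{
    (void)do_setgid(getgid());
    (void)do_setuid(getuid());
}

/* Checked form: group first (while still privileged), then user.
 * Any failure is reported so the caller can abort. Returns 0 or -1. */
static int drop_checked(setgid_fn do_setgid, setuid_fn do_setuid)
{
    if (do_setgid(getgid()) != 0)
        return -1;
    if (do_setuid(getuid()) != 0)
        return -1;
    /* Confirm the effective IDs now match the real ones. */
    if (getegid() != getgid() || geteuid() != getuid())
        return -1;
    return 0;
}

/* Constructed failure: stands in for a setuid() that returns an error. */
static int failing_setuid(uid_t uid) { (void)uid; return -1; }

int main(void)
{
    drop_unchecked(setgid, failing_setuid);   /* failure goes unnoticed */
    if (drop_checked(setgid, failing_setuid) != 0)
        fprintf(stderr, "privilege drop failed, refusing to continue\n");
    if (drop_checked(setgid, setuid) != 0)
        return 1;
    puts("privileges dropped");
    return 0;
}
```

A set-uid helper should treat a non-zero result from `drop_checked` as fatal and exit before running any external program.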

------- Comment #1 From Tobias Heinlein 2007-10-10 16:24:46 0000 -------
You already applied the patch in -r8 a few days ago, but I couldn't find an
appropriate security bug for this issue.

Do you have plans to stabilise util-linux-2.12r-r8? Our latest stable version
is vulnerable.

------- Comment #2 From SpanKY 2007-10-10 18:04:43 0000 -------
i don't have any plans for anything

whatever security team wants to push is up to them, 2.12r-r8 is fine

------- Comment #3 From Pierre-Yves Rofes 2007-10-10 20:06:12 0000 -------
Arches please test and mark stable sys-apps/util-linux-2.12r-r8
target "alpha amd64 arm hppa ia64 m68k mips ppc ppc64 s390 sh sparc x86"

------- Comment #4 From Christian Faulhammer 2007-10-10 23:06:28 0000 -------
x86 stable

------- Comment #5 From Jeroen Roovers 2007-10-11 03:12:28 0000 -------
Stable for HPPA

------- Comment #6 From Steve Dibb 2007-10-11 03:25:11 0000 -------
amd64 stable

------- Comment #7 From Jeroen Roovers 2007-10-11 03:30:40 0000 -------
Stable for SPARC.

------- Comment #8 From Tom Gall 2007-10-11 05:15:26 0000 -------
stable on ppc64

------- Comment #9 From Raúl Porcel 2007-10-11 16:21:36 0000 -------
alpha/ia64 stable

------- Comment #10 From Tobias Scherbaum 2007-10-12 15:14:10 0000 -------
ppc stable, ready for glsa

------- Comment #11 From Robert Buchholz 2007-10-12 17:17:28 0000 -------
(In reply to comment #10)
> ppc stable, ready for glsa

request filed.

------- Comment #12 From Pierre-Yves Rofes 2007-10-18 21:53:42 0000 -------
GLSA 200710-18

------- Comment #13 From Joshua Kinard 2007-11-19 07:20:45 0000 -------
mips stable.
