Bug#: 248754
Status: NEW
Assigned To: Gentoo Security <security@gentoo.org>
Reporter: Stefan Behte <craig@gentoo.org>

Description:   Opened: 2008-11-25 09:16 0000
CVE-2008-5182 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5182):
  The inotify functionality in Linux kernel 2.6 before 2.6.28-rc5 might
  allow local users to gain privileges via unknown vectors related to
  race conditions in inotify watch removal and umount.

------- Comment #1 From Gordon Malm 2008-12-06 20:34:18 0000 -------
http://git.kernel.org/?p=linux/kernel/git/stable/stable-queue.git;a=blob;f=releases/2.6.27.8/fix-inotify-watch-removal-umount-races.patch;h=b446894e9fbc7b58817a569f68255d1259cdac77;hb=1db886b63e735c3439e5c2f6813c5207c2206895

------- Comment #2 From Axel Dyks 2008-12-06 22:52:08 0000 -------
(In reply to comment #1)
> http://git.kernel.org/?p=linux/kernel/git/stable/stable-queue.git;a=blob;f=releases/2.6.27.8/fix-inotify-watch-removal-umount-races.patch;h=b446894e9fbc7b58817a569f68255d1259cdac77;hb=1db886b63e735c3439e5c2f6813c5207c2206895
> 
gentoo-sources-2.6.26-r4 are based on 2.6.27.8.
Just marked stable on x86/amd64 by dsd.

------- Comment #3 From Axel Dyks 2008-12-06 22:53:22 0000 -------
Argh! It's .26 not .27 sorry.

------- Comment #4 From Axel Dyks 2008-12-08 01:04:36 0000 -------
(In reply to comment #3)
> Argh! It's .26 not .27 sorry.

Daniel just added this patch to genpatches (Version 5) for 2.6.26

  http://sources.gentoo.org/viewcvs.py/linux-patches?rev=1424&view=rev

and has released 2.6.26-r4 (already stable on x86/amd64).

Does this mean the bug can be closed? 

------- Comment #5 From Kerin Millar 2009-07-21 00:25:02 0000 -------
Amended the Status Whiteboard. hardened-kernel unaffected at present time.
Removing alias.

PS: genpatches-2.6.27-7 added 2.6.27.8 and, as Axel pointed out,
>=genpatches-2.6.26-5 is unaffected. =genpatches-2.6.25* remains vulnerable.
However, hardened-sources-2.6.25-r13 does not because we independently folded
in the same patch.
