| Summary: | Kernel: AF_UNIX Arbitrary Kernel Memory Modification (CAN-2004-{1068,1069}) | | |
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | Sune Kloppenborg Jeppesen (RETIRED) <jaervosz> |
| Component: | Kernel | Assignee: | Gentoo Security <security> |
| Status: | RESOLVED FIXED | | |
| Severity: | normal | CC: | hardened-kernel+disabled, kang, scox |
| Priority: | High | Flags: | plasmaroo: Assigned_To? (plasmaroo) |
| Version: | unspecified | | |
| Hardware: | All | | |
| OS: | All | | |
| URL: | http://www.securityfocus.com/bid/11715/ | | |
| Whiteboard: | [linux <2.4.28] [linux >=2.6 <2.6.10] | | |
| Package list: | | Runtime testing required: | --- |
| Attachments: | | | |

Description
Sune Kloppenborg Jeppesen (RETIRED)
2004-11-23 23:51:59 UTC
Created attachment 44640 [details, diff]
2.4 Patch

hppa-sources done.

scox if you can't bump hardened-sources to 2.4.28 then please add this patch.

Created attachment 44854 [details, diff]
2.6 Patch

hardened-sources-2.4.28 ~arch in tree

Ok, all done. Following externally maintained sources need patching:

gentoo-dev-sources - Adding dsd...
hardened-dev-sources - Adding hardened herd...
hppa-dev-sources - Adding GMSoft...
mips-sources - Adding Kumba...
openmosix-sources - Adding cluster herd...
pegasos-dev-sources - Adding dholm...
rsbac-dev-sources - Adding kang...

Fixed in stable hardened-dev-sources-r16

mips-sources fixed.

gentoo-dev-sources done

rsbac-dev-sources: fixed.

done for oM-sources.

pegasos-dev-sources fixed

hppa-dev-sources done.

---------------snip-----------------
CAN-2004-1068: A race condition was discovered in the handling of AF_UNIX network packets. This reportedly allowed local users to modify arbitrary kernel memory, facilitating privilege escalation, or possibly allowing code execution in the context of the kernel.

CAN-2004-1069: Ross Kendall Axe discovered a possible kernel panic (causing a Denial of Service) while sending AF_UNIX network packages if the kernel options CONFIG_SECURITY_NETWORK and CONFIG_SECURITY_SELINUX are enabled.
---------------snip--------------

Do our patches also cover the SELinux-specific problem (-1069)?

Doubtful.. Perhaps this patch is it?
http://linux.bkbits.net:8080/linux-2.6/cset@1.2055.4.76
http://linux.bkbits.net:8080/linux-2.6/cset@1.2055.40.68

Created attachment 46357 [details, diff]
Extra 2.6 Patch for CAN-2004-1069

*** IMPORTANT *** The following maintainers also need to add the CAN-2004-1069 patch on this bug. Please note that CAN-2004-1069 only applies to 2.6...

gentoo-dev-sources - dsd, please patch...
hardened-dev-sources - hardened herd, please patch...
hppa-dev-sources - Adding GMSoft...
mips-sources - Adding Kumba...
pegasos-dev-sources - Adding dholm...
rsbac-dev-sources - kang, please patch...

rsbac-dev-sources: fixed for CAN-2004-1069.

hardened-dev-sources-r18 has CAN-2004-1069 patch added

gentoo-dev-sources done

pegasos-dev-sources fixed

mips-sources fixed.

hppa-sources-2.6.10 isn't affected by this one. (patch says it's already applied)

All kernels fixed, closing bug; notifications are being migrated away from GLSAs for kernels, more news coming soon so stay tuned :-]