Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 206502 - net-fs/mount-cifs < 3.0.28 allows all users to unmount shares
Summary: net-fs/mount-cifs < 3.0.28 allows all users to unmount shares
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: High minor (vote)
Assignee: Gentoo Security
URL: https://bugzilla.samba.org/show_bug.c...
Whiteboard: B3 [noglsa]
Keywords:
Depends on:
Blocks:
 
Reported: 2008-01-18 09:06 UTC by Jakub Moc (RETIRED)
Modified: 2011-10-20 05:04 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Jakub Moc (RETIRED) gentoo-dev 2008-01-18 09:06:20 UTC 
<snip>
mount.cifs in 3.0.25b is assuming wrong semantics for the CIFS_IOC_CHECKUMOUNT
ioctl: the return value of ioctl() is checked for a value > 0, when the
standard error return from ioctl (and the error return in this case) is -1 with
errno set to a more descriptive value.

As a result of misinterpreting the return value, umount.cifs is allowing all
users to unmount shares mounted by any other user.  In specialized
circumstances, this could become a security hole if a user believes their mount
point is safe and the share is unmounted to expose malicious directory contents
below.
<snip>

@dev-zero - I made an updated tarball and grabbed a patch from GIT, see http://dev.gentooexperimental.org/~jakub/overlay/net-fs/mount-cifs/ for updated ebuild. This also fixes Samba bug 4781 (umount.cifs can't clean up /etc/mtab if trailing slashes used).
Comment 1 Robert Buchholz (RETIRED) gentoo-dev 2008-01-19 23:44:17 UTC 
Samba herd, please bump.
Comment 2 Tiziano Müller (RETIRED) gentoo-dev 2008-01-21 09:22:51 UTC 
Done. Thanks, Jakub!
Comment 3 Jakub Moc (RETIRED) gentoo-dev 2008-01-29 09:17:33 UTC 
arches, please stabilize net-fs/mount-cifs-3.0.28.
Comment 4 Christian Faulhammer (RETIRED) gentoo-dev 2008-01-29 11:33:04 UTC 
x86 stable
Comment 5 Brent Baude (RETIRED) gentoo-dev 2008-01-29 19:28:11 UTC 
ppc and ppc64 done
Comment 6 Jeroen Roovers (RETIRED) gentoo-dev 2008-01-29 20:17:17 UTC 
Stable for HPPA.
Comment 7 Peter Weller (RETIRED) gentoo-dev 2008-01-31 06:56:22 UTC 
amd64 done.
Comment 8 Raúl Porcel (RETIRED) gentoo-dev 2008-02-01 14:07:38 UTC 
alpha/ia64/sparc stable
Comment 9 Tiziano Müller (RETIRED) gentoo-dev 2008-02-09 09:15:09 UTC 
adding mips
Comment 10 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2008-02-10 14:28:13 UTC 
This one is ready for GLSA vote. I vote NO.
Comment 11 Pierre-Yves Rofes (RETIRED) gentoo-dev 2008-02-10 15:30:47 UTC 
voting NO too, and closing.