Bug 118535

Summary:	circumventing protection of files flagged immutable (CVE-2005-4351)
Product:	Gentoo Security	Reporter:	kfm
Component:	Kernel	Assignee:	Gentoo Security <security>
Status:	RESOLVED CANTFIX
Severity:	normal	CC:	gregkh, kfm, security-kernel
Priority:	High
Version:	unspecified
Hardware:	All
OS:	Linux
URL:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4351
Whiteboard:
Package list:		Runtime testing required:	---

Description kfm 2006-01-10 07:50:34 UTC

Hi. I'm filing this because, according to an advisory from redteam-pentesting.de, it is possible to place "an arbitrary file
at the location of an immutable file, without changing the immutable
file itself." This is stated to be a weakness of the BSD securelevels mechanism and allegedly all kernels up to and including 2.6.15 are affected (presumably when  SECURITY_SECLVL is enabled).

For further details please see:

* http://redteam-pentesting.de/advisories/rt-sa-2005-015.txt
* http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4351

Comment 1 Tim Yamin (RETIRED) gentoo-dev

2006-03-11 11:29:31 UTC

Greg -- know if this issue has been fixed?

Comment 2 Greg Kroah-Hartman (RETIRED) gentoo-dev

2006-03-11 13:53:15 UTC

Nope, and it doesn't look like the kernel security levels person cares about
it, and as no one uses it, I wouldn't really worry about it.

Hope this helps.

Comment 3 Tim Yamin (RETIRED) gentoo-dev

2006-03-11 13:54:26 UTC

Thanks Greg -- guess we can close this one as UPSTREAM then.

Comment 4 Robert Buchholz (RETIRED) gentoo-dev

2009-05-03 15:59:23 UTC

reopen to change resolution type