Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 184071

Summary: media-video/nvclock: insecure temporary file usage (CVE-2007-3531)
Product: Gentoo Security Reporter: Tavis Ormandy (RETIRED) <taviso>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: normal CC: brebs, cornmander, malverian
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard: B1? [glsa]
Package list:
Runtime testing required: ---
Attachments:
Description Flags
use $HOME/.nvclock instead of /tmp/nvclock none

Description Tavis Ormandy (RETIRED) gentoo-dev 2007-07-03 10:04:50 UTC
nvclock creates the file /tmp/nvclock insecurely, and then reads from it insecurely.

Malverian, could you handle this bug? 

Quick patch will be attached shortly.
Comment 1 Tavis Ormandy (RETIRED) gentoo-dev 2007-07-03 10:05:24 UTC
Created attachment 123751 [details, diff]
use $HOME/.nvclock instead of /tmp/nvclock
Comment 2 Tavis Ormandy (RETIRED) gentoo-dev 2007-07-03 18:02:35 UTC
this is CVE-2007-3531
Comment 3 Tavis Ormandy (RETIRED) gentoo-dev 2007-07-05 11:12:39 UTC
I went ahead and fixed it, as there is no maintainer.

x86: please test and mark stable nvclock-0.7-r2
Comment 4 Raúl Porcel (RETIRED) gentoo-dev 2007-07-05 11:40:03 UTC
x86 stable
Comment 5 Tavis Ormandy (RETIRED) gentoo-dev 2007-07-11 09:35:29 UTC
Okay, we're ready for a glsa vote.

I'm tempted to vote YES, as arbitrary code execution is possible.
Comment 6 Stefan Cornelius (RETIRED) gentoo-dev 2007-07-11 09:45:29 UTC
tend to say yes here, too.
Comment 7 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2007-07-15 09:48:14 UTC
Voting YES.
Comment 8 Raphael Marichez (Falco) (RETIRED) gentoo-dev 2007-07-24 23:11:47 UTC
let's GLSA 200707-08 then