Bug 195390

Summary: sys-apps/util-linux < 2.12r-r8 Privilege Escalation Vulnerability (CVE-2007-5191)
Product: Gentoo Security
Reporter: Tobias Heinlein (RETIRED) <keytoaster>
Component: Vulnerabilities
Assignee: Gentoo Security <security>
Status: RESOLVED FIXED
Severity: critical
CC: bernd, chainsaw
Priority: High
Version: unspecified
Hardware: All
OS: Linux
URL: http://secunia.com/advisories/27145/
Whiteboard: A1 [glsa]
Package list:
Runtime testing required: ---

Description Tobias Heinlein (RETIRED) gentoo-dev 2007-10-10 16:12:06 UTC
A vulnerability has been reported in util-linux, which potentially can be exploited by malicious, local users to perform certain actions with escalated privileges.

The vulnerability is caused due to the mount and umount programs incorrectly checking the return values of the "setuid()" and "setgid()" functions when dropping privileges. This can potentially be exploited to perform certain actions with escalated privileges via e.g. the mount.nfs utility.

The vulnerability is reported in version 2.12r. Other versions may also be affected.

Solution:
Fixed in the util-linux-ng repository.
http://git.kernel.org/?p=utils/util-linux-ng/util-linux-ng.git;a=commit;h=ebbeb2c7ac1b00b6083905957837a271e80b187e
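As an added illustration of the defect described above (example code, not util-linux's own), here is the unchecked privilege drop beside a checked one. The function-pointer parameters and the refuse_*/accept_* stand-ins are constructed for this example so the failure branch can be exercised without root.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <unistd.h>

/* Pre-fix pattern (do not use): setgid()/setuid() results are ignored, so if the
 * kernel refuses the change the program keeps root and later runs the mount helper. */
void drop_privileges_unchecked(uid_t uid, gid_t gid)
{
    setgid(gid);
    setuid(uid);
}

/* Hardened pattern: drop the group first (it still needs root), check every return
 * value, and confirm the ids really changed. Returns 0 on success, -1 with errno set
 * otherwise. The setid calls are passed in only so a refusal can be simulated. */
int drop_privileges_with(int (*set_gid)(gid_t), int (*set_uid)(uid_t),
                         uid_t uid, gid_t gid)
{
    if (set_gid(gid) != 0 || set_uid(uid) != 0)
        return -1;                         /* errno set by the refused call */
    if (getgid() != gid || getegid() != gid || getuid() != uid || geteuid() != uid) {
        errno = EPERM;                     /* "success" but ids unchanged */
        return -1;
    }
    return 0;
}

int drop_privileges(uid_t uid, gid_t gid)
{
    return drop_privileges_with(setgid, setuid, uid, gid);
}

/* Constructed stand-ins for a refused syscall (setuid(2) reports EAGAIN when, for
 * example, the target user's RLIMIT_NPROC is exhausted); for demonstration only. */
int refuse_setgid(gid_t g) { (void)g; errno = EAGAIN; return -1; }
int refuse_setuid(uid_t u) { (void)u; errno = EAGAIN; return -1; }
int accept_setgid(gid_t g) { (void)g; return 0; }

int main(void)
{
    /* Only reach the helper-execution step once the drop has succeeded. */
    if (drop_privileges(getuid(), getgid()) != 0) {
        perror("drop_privileges");
        return EXIT_FAILURE;              /* never exec the helper as root */
    }
    puts("privileges dropped; safe to run the mount helper");
    return EXIT_SUCCESS;
}
```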
Comment 1 Tobias Heinlein (RETIRED) gentoo-dev 2007-10-10 16:24:46 UTC
You already applied the patch in -r8 a few days ago, but I couldn't find an appropriate security bug for this issue.

Do you have plans to stabilise util-linux-2.12r-r8? Our latest stable version is vulnerable.
Comment 2 SpanKY gentoo-dev 2007-10-10 18:04:43 UTC
I don't have any plans for anything

whatever security team wants to push is up to them, 2.12r-r8 is fine
Comment 3 Pierre-Yves Rofes (RETIRED) gentoo-dev 2007-10-10 20:06:12 UTC
Arches please test and mark stable sys-apps/util-linux-2.12r-r8
target "alpha amd64 arm hppa ia64 m68k mips ppc ppc64 s390 sh sparc x86"
Comment 4 Christian Faulhammer (RETIRED) gentoo-dev 2007-10-10 23:06:28 UTC
x86 stable
Comment 5 Jeroen Roovers (RETIRED) gentoo-dev 2007-10-11 03:12:28 UTC
Stable for HPPA
Comment 6 Steve Dibb (RETIRED) gentoo-dev 2007-10-11 03:25:11 UTC
amd64 stable
Comment 7 Jeroen Roovers (RETIRED) gentoo-dev 2007-10-11 03:30:40 UTC
Stable for SPARC.
Comment 8 Tom Gall (RETIRED) gentoo-dev 2007-10-11 05:15:26 UTC
stable on ppc64
Comment 9 Raúl Porcel (RETIRED) gentoo-dev 2007-10-11 16:21:36 UTC
alpha/ia64 stable
Comment 10 Tobias Scherbaum (RETIRED) gentoo-dev 2007-10-12 15:14:10 UTC
ppc stable, ready for glsa
Comment 11 Robert Buchholz (RETIRED) gentoo-dev 2007-10-12 17:17:28 UTC
(In reply to comment #10)
> ppc stable, ready for glsa

request filed.

Comment 12 Pierre-Yves Rofes (RETIRED) gentoo-dev 2007-10-18 21:53:42 UTC
GLSA 200710-18
Comment 13 Joshua Kinard gentoo-dev 2007-11-19 07:20:45 UTC
mips stable.