Bug 212145 (CVE-2008-0777)

Summary: sys-freebsd/freebsd-sources < 6.2-r4 sendfile(2) write-only file permission bypass (CVE-2008-0777)
Product: Gentoo Security
Reporter: Robert Buchholz (RETIRED) <rbu>
Component: Vulnerabilities
Assignee: Gentoo Security <security>
Status: RESOLVED FIXED
Severity: trivial
CC: bsd+disabled
Priority: High
Version: unspecified
Hardware: All
OS: Linux
URL: http://security.freebsd.org/advisories/FreeBSD-SA-08:03.sendfile.asc
Whiteboard: ~3 [noglsa]
Package list:
Runtime testing required: ---

Description Robert Buchholz (RETIRED) gentoo-dev 2008-03-03 01:32:02 UTC
CVE-2008-0777 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0777):
  The sendfile system call in FreeBSD 5.5 through 7.0 does not check the access
  flags of the file descriptor used for sending a file, which allows local
  users to read the contents of write-only files.
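
The "access flags of the file descriptor" in the CVE text are the open mode recorded on the descriptor itself, separate from the file's permission bits. The following userland C program is an added illustration (not code from FreeBSD, the advisory, or this bug report) of checking that mode before a descriptor is used as a data source; the function names `fd_allows_read`, `guarded_source_read` and `try_read_with` and the temporary file are assumptions made for the example.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>

/* Returns 1 if fd was opened with read access, 0 if not, -1 on error. */
int fd_allows_read(int fd)
{
    int flags = fcntl(fd, F_GETFL);
    if (flags == -1)
        return -1;
    int mode = flags & O_ACCMODE;   /* O_RDONLY, O_WRONLY or O_RDWR */
    return mode == O_RDONLY || mode == O_RDWR;
}

/* Hypothetical wrapper: refuse to treat fd as a data source unless its
 * open mode permits reading; fails with EBADF otherwise. */
ssize_t guarded_source_read(int fd, void *buf, size_t len)
{
    if (fd_allows_read(fd) != 1) {
        errno = EBADF;
        return -1;
    }
    return read(fd, buf, len);
}

/* Constructed scenario: a temp file holding "secret" is reopened with
 * open_flags. Returns bytes read, -1 if refused, -2 on setup failure. */
int try_read_with(int open_flags)
{
    char path[] = "/tmp/fd-mode-demo-XXXXXX";
    char buf[16];
    int tmp = mkstemp(path);
    if (tmp == -1)
        return -2;
    if (write(tmp, "secret", 6) != 6) { close(tmp); unlink(path); return -2; }
    close(tmp);
    int fd = open(path, open_flags);
    ssize_t n = (fd == -1) ? -2 : guarded_source_read(fd, buf, sizeof buf);
    if (fd != -1)
        close(fd);
    unlink(path);
    return (int)n;
}

int main(void)
{
    printf("O_WRONLY source: %d\n", try_read_with(O_WRONLY));
    printf("O_RDONLY source: %d\n", try_read_with(O_RDONLY));
    return 0;
}
```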
Comment 1 Robert Buchholz (RETIRED) gentoo-dev 2008-03-03 01:33:27 UTC
BSD herd, please act.

This is the third security bug that is now open, and the others are not moving at all. Are you maintaining the Gentoo BSD port, or can/should this be p.masked?
Comment 2 Pierre-Yves Rofes (RETIRED) gentoo-dev 2008-05-09 14:26:41 UTC
(In reply to comment #1)
> BSD herd, please act.
> 
> This is the third security bug that is now open, and the others are not moving
> at all. Are you maintaining the Gentoo BSD port, or can/should this be
> p.masked?
> 

*ping*
Comment 3 Alexis Ballier gentoo-dev 2008-05-17 19:55:28 UTC
6.2-r4 has the patch
Comment 4 Pierre-Yves Rofes (RETIRED) gentoo-dev 2008-05-17 20:37:37 UTC
thanks, closing.