Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 286096 (CVE-2009-3286)

Summary: Kernel: NFSv4 O_EXCL creates broken (CVE-2009-3286)
Product: Gentoo Security Reporter: Alex Legler (RETIRED) <a3li>
Component: KernelAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: normal CC: hardened-kernel+disabled, kernel
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=81ac95c5569d7a60ab5db6c1ccec56c12b3ebcb5
Whiteboard: [linux <2.6.19]
Package list:
Runtime testing required: ---

Description Alex Legler (RETIRED) archtester gentoo-dev Security 2009-09-23 14:29:29 UTC 
CVE-2009-3286 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3286):
  NFSv4 in the Linux kernel 2.6.18, and possibly other versions, does
  not properly clean up an inode when an O_EXCL create fails, which
  causes files to be created with insecure settings such as setuid
  bits, and possibly allows local users to gain privileges, related to
  the execution of the do_open_permission function even when a create
  fails. That also explains why we don't see this problem with
  root...the permission check is always passing there (provided we're
  not root squashing).