|Summary:|<sys-fs/udisks-1.0.2-r1: arbitrary kernel module load|
|Product:|Gentoo Security|
|Reporter:|Paweł Hajdan, Jr. (RETIRED) <phajdan.jr>|
|Component:|Vulnerabilities|
|Assignee:|Gentoo Security <security>|
|Package list:||
|Runtime testing required:|---|
Description Paweł Hajdan, Jr. (RETIRED) 2011-01-31 20:49:54 UTC
Sebastian Krahmer reported that the udisks service (via D-BUS) could be used to load arbitrary Linux kernel modules. Since "mount -t $NAME" is called, this also triggers a "modprobe -q -- $NAME" which will load the Linux kernel module from /lib/modules/.

The upstream bug report is: https://bugs.freedesktop.org/show_bug.cgi?id=32232 and no upstream fix has been made as of yet, although the upstream bug report has a few suggestions on how to correct this.

https://bugzilla.redhat.com/show_bug.cgi?id=664082
Comment 1 Samuli Suominen 2011-04-11 10:18:10 UTC
Comment 2 Tim Sammut (RETIRED) 2011-04-11 18:51:27 UTC
Rerating B1 as I believe this allows a non-admin local user to load a kernel module.
Comment 3 Samuli Suominen 2011-04-16 06:08:16 UTC
1.0.2-r1 has the upstream patch now, can be stabilized long as people test mounting with it instead of just compile testing.

specifically, check `cat /proc/filesystems`, those should be mountable and others not
Comment 4 Tim Sammut (RETIRED) 2011-04-16 15:20:04 UTC
(In reply to comment #3)
> 1.0.2-r1 has the upstream patch now, can be stabilized long as people test
> mounting with it instead of just compile testing.
>
> specifically, check `cat /proc/filesystems`, those should be mountable and
> others not

Great, thank you.

Arches, please test and mark stable, *noting* the instructions above:
=sys-fs/udisks-1.0.2-r1
Target keywords : "alpha amd64 arm hppa ia64 ppc ppc64 sh sparc x86"
Comment 5 Jeroen Roovers 2011-04-16 17:18:45 UTC
Stable for HPPA.
Comment 6 Christoph Mende (RETIRED) 2011-04-16 18:55:34 UTC
Comment 7 Thomas Kahle (RETIRED) 2011-04-17 09:24:53 UTC
Comment 8 PM 2011-04-17 13:34:37 UTC
With sys-fs/udisks-1.0.2-r1 installed I can no longer mount my ntfs USB drive in KDE. I believe it's related to this patch.

org.freedesktop.UDisks.Error.Failed: Requested filesystem type is neither well-known nor in /proc/filesystems nor in /etc/filesystems

There is no ntfs in my /proc/filesystems.
Comment 9 Samuli Suominen 2011-04-17 13:38:25 UTC
(In reply to comment #8)
> With sys-fs/udisks-1.0.2-r1 installed I can no longer mount my ntfs USB drive
> in KDE. I believe it's related to this patch.
>
> org.freedesktop.UDisks.Error.Failed: Requested filesystem type is neither
> well-known nor in /proc/filesystems nor in /etc/filesystems
>
> There is no ntfs in my /proc/filesystems.

If using ntfs-3g, ntfs3g, whatever..., I suppose you have to add it to the list of allowed file systems by hand in /etc/filesystems now.
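The three-source check named in the error message in comment 8, as an added example that is not part of this thread and not udisks's own code. The function names, the built-in list, the sample file contents and the line parsing (last field of each line, '#' lines skipped) are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical built-in list for this example, not the list udisks ships. */
static const char *const well_known[] = { "ext4", "vfat", "iso9660", NULL };

/* Constructed sample file contents, so the example runs offline. */
static const char SAMPLE_PROC[] = "nodev\tsysfs\nnodev\tproc\n\text4\n\tvfat\n";
static const char SAMPLE_ETC[]  = "# added by the admin\nntfs-3g\n";

/* Return 1 if fstype is the last blank-separated field of a line in text.
 * Covers "nodev\tname" and "\tname" (/proc/filesystems) and a bare "name"
 * line; lines starting with '#' are skipped (assumed format). */
static int listed(const char *text, const char *fstype)
{
    size_t want = strlen(fstype);
    while (*text) {
        size_t len = strcspn(text, "\n");
        const char *end = text + len, *start;
        while (end > text && (end[-1] == ' ' || end[-1] == '\t'))
            end--;                       /* trim trailing blanks */
        start = end;
        while (start > text && start[-1] != ' ' && start[-1] != '\t')
            start--;                     /* back up to start of last field */
        if (*text != '#' && want > 0 && (size_t)(end - start) == want &&
            memcmp(start, fstype, want) == 0)
            return 1;                    /* exact match only, no prefixes */
        text += len + (text[len] == '\n');
    }
    return 0;
}

/* Built-in list first, then /proc/filesystems, then /etc/filesystems. */
int fstype_allowed(const char *fstype, const char *proc_fs, const char *etc_fs)
{
    for (size_t i = 0; well_known[i]; i++)
        if (strcmp(well_known[i], fstype) == 0)
            return 1;
    return listed(proc_fs, fstype) || listed(etc_fs, fstype);
}

int main(void)
{
    const char *probe[] = { "vfat", "ntfs-3g", "ntfs", "sys", "nodev" };
    for (size_t i = 0; i < sizeof probe / sizeof *probe; i++)
        printf("%-8s %s\n", probe[i], fstype_allowed(probe[i],
               SAMPLE_PROC, SAMPLE_ETC) ? "allowed" : "refused");
    return 0;
}
```

With an empty /etc/filesystems the same call refuses ntfs-3g, which is the situation reported in comment 8.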
Comment 10 PM 2011-04-17 13:45:08 UTC
Yeah, it works. But I think I shouldn't have to do it. I mean, it's not some low-level system stuff, people running a modern desktop environment shouldn't have to poke around config files to make things like this work.

How about just adding "ntfs-3g" to well_known_filesystems?
Comment 11 Alex Buell 2011-04-17 23:52:11 UTC
Tested on SPARC, by attempting to mount a VFAT device. It correctly reports not authorised. Could stabilise.
Comment 12 Samuli Suominen 2011-04-18 14:27:04 UTC
(In reply to comment #10)
> Yeah, it works. But I think I shouldn't have to do it. I mean, it's not some
> low-level system stuff, people running a modern desktop environment shouldn't
> have to poke around config files to make things like this work.
>
> How about just adding "ntfs-3g" to well_known_filesystems?

I can't really decide where this belongs, but I'm trying to push it first to the UDisks upstream here:

http://bugs.freedesktop.org/show_bug.cgi?id=36361

If they refuse it, I guess we have to reconsider adding it to the /etc/filesystems file, owned by baselayout package. I don't really like that either... sigh...

And let this be the end of this discussion at this bug, it's really offtopic here. CC yourself on the upstream bug if you want to follow progress.
Comment 13 Raúl Porcel (RETIRED) 2011-04-23 17:52:54 UTC
Comment 14 Kacper Kowalik (Xarthisius) (RETIRED) 2011-04-26 10:51:52 UTC
ppc/ppc64 stable, last arch done
Comment 15 Tim Sammut (RETIRED) 2011-04-26 13:59:13 UTC
Thanks, folks. GLSA request filed.
Comment 16 Fabio Erculiani (RETIRED) 2011-06-04 13:27:58 UTC
Samuli,

*udisks-1.0.2-r3 (09 May 2011)

09 May 2011; Samuli Suominen <email@example.com> +udisks-1.0.2-r3.ebuild,
+files/udisks-1.0.2-missing_comma.patch:
Add missing comma in fs whitelist to replace the -ntfs-3g.patch.

This commit broke ntfs-3g support again.
Comment 17 Samuli Suominen 2011-06-04 15:28:24 UTC
(In reply to comment #16)
> Samuli,
>
> *udisks-1.0.2-r3 (09 May 2011)
>
> 09 May 2011; Samuli Suominen <firstname.lastname@example.org> +udisks-1.0.2-r3.ebuild,
> +files/udisks-1.0.2-missing_comma.patch:
> Add missing comma in fs whitelist to replace the -ntfs-3g.patch.
>
> This commit broke ntfs-3g support again.

Sorry about that, I haven't had time to do an ntfs filesystem and play with it.

Reopened http://bugs.freedesktop.org/show_bug.cgi?id=36361 for this, and would like to commit a fix to Portage but I'm currently without CVS access so it might be a good idea to open a new bug, otherwise this might get lost.

Removing freedesktop-bugs@ from CC list as this bug is done.
Comment 18 Sean Amoss 2014-06-01 14:33:33 UTC
Users have already been advised to update in GLSA 201405-01. Closing noglsa.