Summary: | <sys-apps/util-linux-2.19.1: mount RLIMIT_FSIZE Security Issue (CVE-2011-{1675,1676,1677}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Paweł Hajdan, Jr. (RETIRED) <phajdan.jr> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | alexanderyt, base-system |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://secunia.com/advisories/43596/ | ||
Whiteboard: | A3 [glsa] | ||
Package list: | Runtime testing required: | --- |
Description
Paweł Hajdan, Jr. (RETIRED)
2011-03-21 13:49:20 UTC
ive added util-linux-2.19.1 to the tree which should have a fix for this (In reply to comment #1) > ive added util-linux-2.19.1 to the tree which should have a fix for this Great, thank you. Arches, please test and mark stable: =sys-apps/util-linux-2.19.1 Target keywords : "alpha amd64 arm hppa ia64 m68k ppc ppc64 s390 sh sparc x86" works here amd64 done. Thanks Agostino Stable for HPPA. x86 stable. Thanks arm stable ppc/ppc64 stable alpha/ia64/m68k/s390/sh/sparc stable Thanks, everyone. GLSA request filed. CVE-2011-1677 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1677): mount in util-linux 2.19 and earlier does not remove the /etc/mtab~ lock file after a failed attempt to add a mount entry, which has unspecified impact and local attack vectors. CVE-2011-1676 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1676): mount in util-linux 2.19 and earlier does not remove the /etc/mtab.tmp file after a failed attempt to add a mount entry, which allows local users to trigger corruption of the /etc/mtab file via multiple invocations. CVE-2011-1675 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1675): mount in util-linux 2.19 and earlier attempts to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allows local users to trigger corruption of the /etc/mtab file via a process with a small RLIMIT_FSIZE value, a related issue to CVE-2011-1089. This issue was resolved and addressed in GLSA 201405-15 at http://security.gentoo.org/glsa/glsa-201405-15.xml by GLSA coordinator Sean Amoss (ackle). |