Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 606652 (CVE-2016-10151, CVE-2016-10152)

Summary: net-dns/hesiod: two flaws permitting privilege elevation (CVE-2016-{10151,10152})
Product: Gentoo Security Reporter: Thomas Deutschmann <whissi>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Severity: major CC: maintainer-needed, slawomir.nizio
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
See Also:
Whiteboard: B1 [glsa+ cve]
Package list:
Runtime testing required: ---
Bug Depends on: 626242, 626246, 626248, 626250    
Bug Blocks: 648050    

Description Thomas Deutschmann gentoo-dev Security 2017-01-21 00:05:46 UTC
# Weak SUID check allowing privilege elevation

Hesiod unsafely checks EUID vs UID in a few places, consulting
environment variables for configuration if they match.  This could be
used for privilege elevation under some circumstances.  The fix uses
secure_getenv() in place of getenv().

Upstream bug:

Upstream patch:

# Use of hard-coded DNS domain if configuration file cannot be read

If opening the configuration file fails, hesiod falls back on a default
domain "" to retrieve managed information.  A local
attacker with the opportunity to poison DNS cache could potentially
elevate their privileges to root by causing fopen() to fail.

Upstream bug:

Upstream patch:
Comment 1 Thomas Deutschmann gentoo-dev Security 2017-01-21 00:10:06 UTC
CC'ing TreeCleaner project:

Package has no maintainer, latest upstream release from 2013. It has some dependencies on hesiod USE flag. Let's see what comes first, a patched ebuild or the cleaners.
Comment 2 Pacho Ramos gentoo-dev 2018-04-29 17:20:17 UTC
Comment 3 GLSAMaker/CVETool Bot gentoo-dev 2018-05-02 23:53:24 UTC
This issue was resolved and addressed in
 GLSA 201805-01 at
by GLSA coordinator Aaron Bauman (b-man).