| Summary: | sys-apps/systemd: Local Privilege Escalation in systemd-tmpfiles | ||
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | Sebastian Pipping <sping> |
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
| Status: | RESOLVED INVALID | ||
| Severity: | normal | CC: | mjo, systemd |
| Priority: | Normal | ||
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | C1 [noglsa cve] | ||
| Package list: | Runtime testing required: | --- | |
| Bug Depends on: | |||
| Bug Blocks: | 647778 | ||
|
Description
Sebastian Pipping
2018-01-31 16:59:31 UTC
No unaffected version in Gentoo repo yet hence bug summary change. @maintainers, Upstream 237 version contains fix as noted by Sebastian. (In reply to Aaron Bauman from comment #1) > @maintainers, Upstream 237 version contains fix as noted by Sebastian. Seems like the was cherry-picking involved. This is the commit included with v237: https://github.com/systemd/systemd/commit/5579f85663d10269e7ac7464be6548c99cea4ada I believe this issue does not affect systemd in its default configuration on Gentoo. I am therefore in no hurry to backport the fix or to stabilize a newer version. There were some other tmpfiles changes in the PR that could complicate a cherry-pick, but a backport is overkill regardless. You have to go out of your way to disable a sysctl whose sole purpose is to protect you from things like this. A more important fix is targeted for v238; this one just happened to land right as v237 was cut. (In reply to Mike Gilbert from comment #3) > I believe this issue does not affect systemd in its default configuration on > Gentoo. I am therefore in no hurry to backport the fix or to stabilize a > newer version. Agreed. This is simply hardening for our systemd users who may decide to disable protected hardlinks. Mitigated by fs.protected_hardlinks wrt bug #540006. |