Summary: | <sys-block/targetcli-fb-2.1.53: Multiple vulnerabilities (CVE-2020-{10699,13867}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Sam James <sam> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | major | CC: | proxy-maint, sir.suriv |
Priority: | Normal | Flags: | nattka:
sanity-check-
|
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://github.com/open-iscsi/targetcli-fb/pull/172 | ||
See Also: |
https://bugs.gentoo.org/show_bug.cgi?id=718528 https://bugs.gentoo.org/show_bug.cgi?id=728770 https://github.com/gentoo/gentoo/pull/17142 |
||
Whiteboard: | B1 [glsa+ cve] | ||
Package list: |
sys-block/targetcli-fb-2.1.53
|
Runtime testing required: | --- |
Bug Depends on: | |||
Bug Blocks: | 736709 |
Description
Sam James
2020-08-05 22:46:27 UTC
The ebuild does nothing special wrt permissions:
> keepdir /etc/target /etc/target/backup
> doman targetcli.8
And these issues (as seen in the patch - see URL on this bug) are resolved via a runtime change. So, yes, it seems we are affected.
Also: * CVE-2020-10699 Description: "A flaw was found in Linux, in targetcli-fb versions 2.1.50 and 2.1.51 where the socket used by targetclid was world-writable. If a system enables the targetclid socket, a local attacker can use this flaw to modify the iSCSI configuration and escalate their privileges to root." https://github.com/open-iscsi/targetcli-fb/issues/162 Maintainer, please bump to 2.1.53 ASAP. This needs a bump of dev-python/rtslib-fb first. I opened https://github.com/gentoo/gentoo/pull/16516 a while ago for that... (In reply to Diogo Pereira from comment #4) > This needs a bump of dev-python/rtslib-fb first. > I opened https://github.com/gentoo/gentoo/pull/16516 a while ago for that... Done. Sorry for the delay. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=934814f627d542bae52f0500ad6cf003525e23f2 commit 934814f627d542bae52f0500ad6cf003525e23f2 Author: Diogo Pereira <sir.suriv@gmail.com> AuthorDate: 2020-08-16 23:14:05 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2020-08-25 00:06:07 +0000 sys-block/targetcli-fb: bump to 2.1.53 Bug: https://bugs.gentoo.org/722674 Bug: https://bugs.gentoo.org/736086 Closes: https://bugs.gentoo.org/718528 Package-Manager: Portage-2.3.103, Repoman-2.3.23 Signed-off-by: Diogo Pereira <sir.suriv@gmail.com> Closes: https://github.com/gentoo/gentoo/pull/17142 Signed-off-by: Sam James <sam@gentoo.org> sys-block/targetcli-fb/Manifest | 1 + sys-block/targetcli-fb/targetcli-fb-2.1.53.ebuild | 28 +++++++++++++++++++++++ 2 files changed, 29 insertions(+) x86 done Unable to check for sanity:
> dependent bug #728770 is missing keywords
amd64 done all arches done amd64 done all arches done Please cleanup. Unable to check for sanity:
> dependent bug #728770 is missing keywords
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=64f2a898441e0332284a6533e4f797b7bbf5a8a5 commit 64f2a898441e0332284a6533e4f797b7bbf5a8a5 Author: Sam James <sam@gentoo.org> AuthorDate: 2020-08-30 03:14:38 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2020-08-30 03:14:38 +0000 sys-block/targetcli-fb: security cleanup Bug: https://bugs.gentoo.org/736086 Package-Manager: Portage-3.0.4, Repoman-3.0.1 Signed-off-by: Sam James <sam@gentoo.org> sys-block/targetcli-fb/Manifest | 1 - sys-block/targetcli-fb/targetcli-fb-2.1.51.ebuild | 28 ----------------------- 2 files changed, 29 deletions(-) This issue was resolved and addressed in GLSA 202008-22 at https://security.gentoo.org/glsa/202008-22 by GLSA coordinator Sam James (sam_c). The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=2bc8d65d5a15200942dc7c66c1fcc0ba7102099c commit 2bc8d65d5a15200942dc7c66c1fcc0ba7102099c Author: Sam James <sam@gentoo.org> AuthorDate: 2020-08-30 22:45:26 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2020-08-30 22:45:26 +0000 sys-block/targetcli-fb: security cleanup Bug: https://bugs.gentoo.org/736086 Package-Manager: Portage-3.0.4, Repoman-3.0.1 Signed-off-by: Sam James <sam@gentoo.org> sys-block/targetcli-fb/Manifest | 1 - sys-block/targetcli-fb/targetcli-fb-2.1.49.ebuild | 33 ----------------------- 2 files changed, 34 deletions(-) |