Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 758977

Summary: <net-dns/nsd-4.3.4: symbolic link traversal when writing PID file (CVE-2020-28935)
Product: Gentoo Security Reporter: GLSAMaker/CVETool Bot <glsamaker>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: normal CC: polynomial-c
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard: B2 [glsa+ cve]
Package list:
net-dns/nsd-4.3.4
 Runtime testing required: ---
Bug Depends on:    
Bug Blocks: 758971    

Description GLSAMaker/CVETool Bot gentoo-dev 2020-12-07 23:26:40 UTC 
CVE-2020-28935 (https://nvd.nist.gov/vuln/detail/CVE-2020-28935):
  A symbolic link traversal vulnerability was found in the way nsd and unbound
  writes its PID file while starting up. A local attacker with access to the
  nsd or unbound user could set up a link to another file, owned by root, and
  make unbound overwrite it during its next restart, destroying the original
  content.
Comment 1 Larry the Git Cow gentoo-dev 2020-12-08 07:32:51 UTC 
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a78fa865809db64d25774d96b36830cd0583c106

commit a78fa865809db64d25774d96b36830cd0583c106
Author:     Lars Wendler <polynomial-c@gentoo.org>
AuthorDate: 2020-12-08 07:32:40 +0000
Commit:     Lars Wendler <polynomial-c@gentoo.org>
CommitDate: 2020-12-08 07:32:48 +0000

    net-dns/nsd: Security cleanup
    
    Bug: https://bugs.gentoo.org/758977
    Package-Manager: Portage-3.0.12, Repoman-3.0.2
    Signed-off-by: Lars Wendler <polynomial-c@gentoo.org>

 net-dns/nsd/Manifest         |   2 -
 net-dns/nsd/nsd-4.2.4.ebuild | 116 -------------------------------------------
 net-dns/nsd/nsd-4.3.3.ebuild | 116 -------------------------------------------
 3 files changed, 234 deletions(-)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=2657c97364679bbd7112226f81c19935f8190b9e

commit 2657c97364679bbd7112226f81c19935f8190b9e
Author:     Lars Wendler <polynomial-c@gentoo.org>
AuthorDate: 2020-12-08 07:32:05 +0000
Commit:     Lars Wendler <polynomial-c@gentoo.org>
CommitDate: 2020-12-08 07:32:48 +0000

    net-dns/nsd: v4.3.4: Security stabilization for amd64 and x86
    
    Bug: https://bugs.gentoo.org/758977
    Package-Manager: Portage-3.0.12, Repoman-3.0.2
    Signed-off-by: Lars Wendler <polynomial-c@gentoo.org>

 net-dns/nsd/nsd-4.3.4.ebuild | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
Comment 2 Aaron Bauman (RETIRED) gentoo-dev 2021-01-28 01:32:42 UTC 
GLSA opened.
Comment 3 GLSAMaker/CVETool Bot gentoo-dev 2021-01-29 00:06:01 UTC 
This issue was resolved and addressed in
 GLSA 202101-38 at https://security.gentoo.org/glsa/202101-38
by GLSA coordinator Aaron Bauman (b-man).