Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 184071 - media-video/nvclock: insecure temporary file usage (CVE-2007-3531)
Summary: media-video/nvclock: insecure temporary file usage (CVE-2007-3531)
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: High normal (vote)
Assignee: Gentoo Security
Whiteboard: B1? [glsa]
Depends on:
Reported: 2007-07-03 10:04 UTC by Tavis Ormandy (RETIRED)
Modified: 2007-07-24 23:11 UTC (History)
3 users (show)

See Also:
Package list:
Runtime testing required: ---

use $HOME/.nvclock instead of /tmp/nvclock (nvclock-insecure-tmp.diff,1.07 KB, patch)
2007-07-03 10:05 UTC, Tavis Ormandy (RETIRED)
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Tavis Ormandy (RETIRED) gentoo-dev 2007-07-03 10:04:50 UTC
nvclock creates the file /tmp/nvclock insecurely, and then reads from it insecurely.

Malverian, could you handle this bug? 

Quick patch will be attached shortly.
Comment 1 Tavis Ormandy (RETIRED) gentoo-dev 2007-07-03 10:05:24 UTC
Created attachment 123751 [details, diff]
use $HOME/.nvclock instead of /tmp/nvclock
Comment 2 Tavis Ormandy (RETIRED) gentoo-dev 2007-07-03 18:02:35 UTC
this is CVE-2007-3531
Comment 3 Tavis Ormandy (RETIRED) gentoo-dev 2007-07-05 11:12:39 UTC
I went ahead and fixed it, as there is no maintainer.

x86: please test and mark stable nvclock-0.7-r2
Comment 4 Raúl Porcel (RETIRED) gentoo-dev 2007-07-05 11:40:03 UTC
x86 stable
Comment 5 Tavis Ormandy (RETIRED) gentoo-dev 2007-07-11 09:35:29 UTC
Okay, we're ready for a glsa vote.

I'm tempted to vote YES, as arbitrary code execution is possible.
Comment 6 Stefan Cornelius (RETIRED) gentoo-dev 2007-07-11 09:45:29 UTC
tend to say yes here, too.
Comment 7 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2007-07-15 09:48:14 UTC
Voting YES.
Comment 8 Raphael Marichez (Falco) (RETIRED) gentoo-dev 2007-07-24 23:11:47 UTC
let's GLSA 200707-08 then