Bug 294243 (CVE-2009-3939) - Kernel: megaraid_sas: poll_mode_io permissions too permissive (CVE-2009-3939)
Summary: Kernel: megaraid_sas: poll_mode_io permissions too permissive (CVE-2009-3939)
Status: RESOLVED FIXED
Alias: CVE-2009-3939
Product: Gentoo Security
Classification: Unclassified
Component: Kernel
Hardware: All Linux
Importance: High normal
Assignee: Gentoo Security
URL: http://lkml.org/lkml/2009/12/2/481
Whiteboard: [linux <2.6.33]
Reported: 2009-11-23 17:37 UTC by Alex Legler (RETIRED)
Modified: 2013-09-15 18:48 UTC
Description Alex Legler (RETIRED) archtester gentoo-dev Security 2009-11-23 17:37:56 UTC
CVE-2009-3939 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3939):
  The poll_mode_io file for the megaraid_sas driver in the Linux kernel
  2.6.31.6 and earlier has world-writable permissions, which allows
  local users to change the I/O mode of the driver by modifying this
  file.
Comment 1 Bjoern Tropf (RETIRED) gentoo-dev 2009-12-07 09:16:53 UTC
@Kernel: Please fix this issue in the next release.
(This has not been fixed upstream yet; Severity: low)
Comment 2 Veemun 2010-01-05 17:14:38 UTC
Any possibility of a workaround in the meantime? i.e. chmod 644? chmod 600?
Comment 3 Bjoern Tropf (RETIRED) gentoo-dev 2010-01-05 17:55:39 UTC
(In reply to comment #2)
> Any possibility of a workaround in the meantime? i.e. chmod 644? chmod 600?

chmod 644 seems sufficient.
Upstream fixed the similar dbg_lvl vulnerability with 644 permissions:
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=66dca9b8c50b5e59d3bea8b21cee5c6dae6c9c46

S_IRUGO|S_IWUSR => S_IRUSR|S_IRGRP|S_IROTH|S_IWUSR
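
The chmod 644 workaround from comment 3, as an added example that is not part of the original bug thread: a shell helper that lists world-writable attribute files in a driver's sysfs directory, resets them to 644 (the S_IRUGO|S_IWUSR mode noted above), and verifies the result. The sysfs path, the script name and the function names are assumptions, not taken from this page.

```shell
#!/bin/sh
# Added example: audit a driver's sysfs directory for world-writable
# attribute files and apply the chmod 644 workaround from this bug.
# Assumption: the megaraid_sas driver attributes are exposed under this path.
SYSFS_DIR_DEFAULT=/sys/bus/pci/drivers/megaraid_sas

# Print every regular file directly under $1 that has the other-write bit set.
list_world_writable() {
    find "$1" -maxdepth 1 -type f -perm -0002 2>/dev/null
}

# Reset each world-writable file under $1 to 644 (rw-r--r--).
# Returns 0 if nothing is world-writable afterwards, 1 if something still is,
# 2 if the directory does not exist (for example, the driver is not loaded).
harden_dir() {
    dir=$1
    [ -d "$dir" ] || { echo "skip: $dir not present" >&2; return 2; }
    list_world_writable "$dir" | while IFS= read -r f; do
        echo "chmod 644 $f"
        chmod 644 "$f"
    done
    # Verify instead of trusting chmod's exit status alone.
    [ -z "$(list_world_writable "$dir")" ]
}

# Runs only when a directory is given on the command line, e.g.:
#   sh audit.sh /sys/bus/pci/drivers/megaraid_sas
if [ "$#" -gt 0 ]; then
    harden_dir "$1"
fi
```

A mode set with chmod on a sysfs file lasts only until the module is reloaded or the host reboots, so the helper has to be re-run (for example from a boot script) until a kernel with the fixed permissions is installed.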