Bug 34294 - iproute patch closes a locally-exploitable denial of service
Summary: iproute patch closes a locally-exploitable denial of service
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: GLSA Errors
Hardware: All All
Importance: Highest blocker
Assignee: Gentoo Security
URL: http://rhn.redhat.com/errata/RHSA-200...
Duplicates: 48290
Reported: 2003-11-24 15:25 UTC by Andrea Barisani (RETIRED)
Modified: 2004-04-18 22:04 UTC (History)

Attachments
iproute netlink security patch (iproute2-2.4.7-netlink.patch,666 bytes, patch)
2003-11-24 15:26 UTC, Andrea Barisani (RETIRED)
updated ebuild (iproute-20010824-r5.ebuild,2.27 KB, text/plain)
2004-04-06 07:18 UTC, Andrea Barisani (RETIRED)
filesdir patch (iproute-netlink-spoof.patch,666 bytes, patch)
2004-04-06 07:19 UTC, Andrea Barisani (RETIRED)

Description Andrea Barisani (RETIRED) gentoo-dev 2003-11-24 15:25:17 UTC
From RedHat advisory:

Herbert Xu reported that iproute can accept spoofed messages sent on the
kernel netlink interface by other users on the local machine.  This could
lead to a local denial of service attack.  The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the name CAN-2003-0856 to
this issue.

I'm attaching the RedHat patch.

Reproducible: Always
Comment 1 Andrea Barisani (RETIRED) gentoo-dev 2003-11-24 15:26:20 UTC
Created attachment 21221
iproute netlink security patch
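
The advisory quoted in the description says iproute accepted netlink messages spoofed by other local users; the attached patch is not reproduced on this page. As an added example (not the attached patch and not iproute's code), the C function below shows the kind of sender check a netlink client needs on replies to its own requests, relying on the fact that the kernel's source address carries `nl_pid` 0. The names `nl_reply_is_trusted` and `demo` and the port id and sequence values are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <linux/netlink.h>

/* Hypothetical helper: decide whether a datagram read from an AF_NETLINK
 * socket may be treated as the kernel's reply to our request.
 * from/fromlen are msg_name/msg_namelen as filled in by recvmsg(). */
int nl_reply_is_trusted(const struct sockaddr_nl *from, socklen_t fromlen,
                        const struct nlmsghdr *h, size_t len,
                        uint32_t local_pid, uint32_t expect_seq)
{
    /* The sender address must be a complete netlink address. */
    if (fromlen != sizeof(*from) || from->nl_family != AF_NETLINK)
        return 0;
    /* The kernel sends from nl_pid 0; anything else is a user-space
     * socket, possibly owned by another local user. */
    if (from->nl_pid != 0)
        return 0;
    /* The header must fit inside the bytes actually received. */
    if (len < sizeof(*h) || h->nlmsg_len < sizeof(*h) || h->nlmsg_len > len)
        return 0;
    /* The reply must be addressed to us and answer our request. */
    if (h->nlmsg_pid != local_pid || h->nlmsg_seq != expect_seq)
        return 0;
    return 1;
}

/* Constructed sample: header-only message from the given sender port id,
 * checked against our port id 4242 and pending request sequence 7. */
int demo(uint32_t sender_pid, uint32_t seq)
{
    struct sockaddr_nl from;
    struct nlmsghdr h;
    memset(&from, 0, sizeof(from));
    memset(&h, 0, sizeof(h));
    from.nl_family = AF_NETLINK;
    from.nl_pid = sender_pid;          /* 0 means the kernel */
    h.nlmsg_len = NLMSG_HDRLEN;
    h.nlmsg_type = NLMSG_DONE;
    h.nlmsg_pid = 4242;
    h.nlmsg_seq = seq;
    return nl_reply_is_trusted(&from, sizeof(from), &h, sizeof(h), 4242, 7);
}

int main(void)
{
    printf("kernel: %d, other process: %d\n", demo(0, 7), demo(1337, 7));
    return 0;
}
```

The port id and sequence comparison applies to request/reply traffic only; multicast notifications from the kernel do not echo the client's sequence number, so a listener would keep just the address and length checks.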
Comment 2 solar (RETIRED) gentoo-dev 2003-12-10 15:09:48 UTC
Andrea,
Please add this patch to iproute if it's needed and package mask older versions.
Also please inform arch herds if they need to mark stable where applicable.
Comment 3 Andrea Barisani (RETIRED) gentoo-dev 2004-03-30 04:25:03 UTC
Unfortunately this bug is really old, I'll handle it this week.
Comment 4 Andrea Barisani (RETIRED) gentoo-dev 2004-04-06 07:17:22 UTC
This bug was apparently acknowledged only by RedHat, I'm attaching an updated
ebuild + patch. I've tested it and it works fine. Could someone review this and
commit the update?

Anyway I don't think that we need a GLSA for this. 
Comment 5 Andrea Barisani (RETIRED) gentoo-dev 2004-04-06 07:18:41 UTC
Created attachment 28787
updated ebuild
Comment 6 Andrea Barisani (RETIRED) gentoo-dev 2004-04-06 07:19:53 UTC
Created attachment 28788
filesdir patch
Comment 7 SpanKY gentoo-dev 2004-04-06 08:11:34 UTC
added the patch to iproute-20010824-r5
Comment 8 Andrea Barisani (RETIRED) gentoo-dev 2004-04-06 15:29:20 UTC
Thanks vapier.  Please everybody test the new ebuild and mark it stable when ready.
Comment 9 SpanKY gentoo-dev 2004-04-06 15:39:51 UTC
when building against 2.4 headers we see Bug 46978 ... i'm tracking it down now
Comment 10 SpanKY gentoo-dev 2004-04-06 21:02:28 UTC
Bug 46978 has been squashed so we can start pushing at arch maintainers ...

i tested it on my x86/hppa/mips/sparc and they all worked ...

could someone from ppc/alpha/amd64 test -r5 and make sure it's happy please ?
Comment 11 Andrea Barisani (RETIRED) gentoo-dev 2004-04-06 23:16:09 UTC
Works fine for me on ppc.
Comment 12 Bryan Østergaard (RETIRED) gentoo-dev 2004-04-07 03:12:06 UTC
Works fine on alpha.
Comment 13 Jon Portnoy (RETIRED) gentoo-dev 2004-04-07 07:13:56 UTC
Stable on AMD64.
Comment 14 Thierry Carrez (RETIRED) gentoo-dev 2004-04-07 08:20:43 UTC
OK so we're ready for a GLSA, if one is needed. Changing product/component.

-K
Comment 15 Andrea Barisani (RETIRED) gentoo-dev 2004-04-07 08:40:02 UTC
It's still marked unstable on ppc and alpha. btw I vote against a GLSA, any comments?
Comment 16 Thierry Carrez (RETIRED) gentoo-dev 2004-04-07 08:51:55 UTC
Setting component to Security as this is a vulnerability.
Comment 17 Bryan Østergaard (RETIRED) gentoo-dev 2004-04-07 10:48:37 UTC
Marked stable on Alpha.
Comment 18 Thierry Carrez (RETIRED) gentoo-dev 2004-04-07 13:04:14 UTC
The vuln is 5 months old and not very severe (DoS by very determined local users, only on systems having iproute installed). I also vote against a GLSA for this one.

-K
Comment 19 SpanKY gentoo-dev 2004-04-07 15:57:46 UTC
it's your call daddy-o
Comment 20 Kurt Lieber (RETIRED) gentoo-dev 2004-04-08 01:14:55 UTC
the bug may be old, but our arches were still vulnerable to it until just a couple days ago.  Thus, I think we need to issue a GLSA for this one.
Comment 21 solar (RETIRED) gentoo-dev 2004-04-08 01:19:42 UTC
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0856
As of now it's still currently under review and has no votes. 
Is anybody aware of any other vendors doing sec announcements for this?
Comment 22 Thierry Carrez (RETIRED) gentoo-dev 2004-04-09 06:01:25 UTC
GLSA 200404-10 published.
Comment 23 SpanKY gentoo-dev 2004-04-18 22:04:57 UTC
*** Bug 48290 has been marked as a duplicate of this bug. ***