Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 758977 - <net-dns/nsd-4.3.4: symbolic link traversal when writing PID file (CVE-2020-28935)
Summary: <net-dns/nsd-4.3.4: symbolic link traversal when writing PID file (CVE-2020-2...
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
URL:
Whiteboard: B2 [glsa+ cve]
Keywords:
Depends on:
Blocks: CVE-2020-28935
  Show dependency tree
 
Reported: 2020-12-07 23:26 UTC by GLSAMaker/CVETool Bot
Modified: 2021-01-29 00:06 UTC (History)
1 user (show)

See Also:
Package list:
net-dns/nsd-4.3.4
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description GLSAMaker/CVETool Bot gentoo-dev 2020-12-07 23:26:40 UTC
CVE-2020-28935 (https://nvd.nist.gov/vuln/detail/CVE-2020-28935):
  A symbolic link traversal vulnerability was found in the way nsd and unbound
  writes its PID file while starting up. A local attacker with access to the
  nsd or unbound user could set up a link to another file, owned by root, and
  make unbound overwrite it during its next restart, destroying the original
  content.
Comment 1 Larry the Git Cow gentoo-dev 2020-12-08 07:32:51 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a78fa865809db64d25774d96b36830cd0583c106

commit a78fa865809db64d25774d96b36830cd0583c106
Author:     Lars Wendler <polynomial-c@gentoo.org>
AuthorDate: 2020-12-08 07:32:40 +0000
Commit:     Lars Wendler <polynomial-c@gentoo.org>
CommitDate: 2020-12-08 07:32:48 +0000

    net-dns/nsd: Security cleanup
    
    Bug: https://bugs.gentoo.org/758977
    Package-Manager: Portage-3.0.12, Repoman-3.0.2
    Signed-off-by: Lars Wendler <polynomial-c@gentoo.org>

 net-dns/nsd/Manifest         |   2 -
 net-dns/nsd/nsd-4.2.4.ebuild | 116 -------------------------------------------
 net-dns/nsd/nsd-4.3.3.ebuild | 116 -------------------------------------------
 3 files changed, 234 deletions(-)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=2657c97364679bbd7112226f81c19935f8190b9e

commit 2657c97364679bbd7112226f81c19935f8190b9e
Author:     Lars Wendler <polynomial-c@gentoo.org>
AuthorDate: 2020-12-08 07:32:05 +0000
Commit:     Lars Wendler <polynomial-c@gentoo.org>
CommitDate: 2020-12-08 07:32:48 +0000

    net-dns/nsd: v4.3.4: Security stabilization for amd64 and x86
    
    Bug: https://bugs.gentoo.org/758977
    Package-Manager: Portage-3.0.12, Repoman-3.0.2
    Signed-off-by: Lars Wendler <polynomial-c@gentoo.org>

 net-dns/nsd/nsd-4.3.4.ebuild | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
Comment 2 Aaron Bauman Gentoo Infrastructure gentoo-dev Security 2021-01-28 01:32:42 UTC
GLSA opened.
Comment 3 GLSAMaker/CVETool Bot gentoo-dev 2021-01-29 00:06:01 UTC
This issue was resolved and addressed in
 GLSA 202101-38 at https://security.gentoo.org/glsa/202101-38
by GLSA coordinator Aaron Bauman (b-man).