path: root/retired/CVE-2009-3286
Candidate: CVE-2009-3286
Description:
 There is an issue with O_EXCL creates on NFSv4: with enough attempts, a
 failed create can leave behind a lingering file that is world-writable
 and setuid-executable, but only as the user who is attempting these
 creates. Fortunately, root is not susceptible to this bug, so a
 setuid root file should not be possible. It might be possible to exploit 
 this to gain access as another user though.
References:
 http://www.openwall.com/lists/oss-security/2009/09/21/2
 https://bugzilla.redhat.com/show_bug.cgi?id=524520#c0
Ubuntu-Description:
Notes:
Bugs:
upstream: released (2.6.30-rc1) [79fb54ab]
linux-2.6: released (2.6.30-1)
2.6.18-etch-security: released (2.6.18.dfsg.1-26etch1) [bugfix/all/nfsd4-reindent-do_open_lookup.patch, bugfix/all/nfsd4-fix-open-create-permissions.patch, bugfix/all/nfsd4-de-union-iattr-and-verf.patch]
2.6.24-etch-security: released (2.6.24-6~etchnhalf.9etch1) [bugfix/all/nfsd4-de-union-iattr-and-verf.patch]
2.6.26-lenny-security: released (2.6.26-19lenny1) [bugfix/all/nfsd4-de-union-iattr-and-verf.patch]
