Date: Mon, 02 Nov 2009 17:40:13 +0800
From: Eugene Teo <eugeneteo@...nel.sg>
To: oss-security@...ts.openwall.com
CC: "Steven M. Christey" <coley@...us.mitre.org>
Subject: CVE request: kernel: connector security bypass

1/ uvesafb/connector: Disallow unprivileged users to send netlink packets
upstream commit: cc44578b5a508889beb8ae3ccd4d2bbdf17bc86c
introduced in v2.6.24-rc1; fixed in v2.6.32-rc3

2/ pohmelfs/connector: Disallow unprivileged users to configure pohmelfs
upstream commit: 98a5783af02f4c9b87b676d7bbda6258045cfc76
(staging/experimental)

3/ dst/connector: Disallow unprivileged users to configure dst
upstream commit: 5788c56891cfb310e419c4f9ae20427851797431
(staging/experimental)

4/ dm/connector: Only process connector packages from privileged processes
upstream commit: 24836479a126e02be691e073c2b6cad7e7ab836a
introduced in v2.6.31-rc1; fixed in v2.6.32-rc3

2/ and 3/ are experimental; I doubt distros are supporting these.
1/ and 4/ fixed similar issues, so perhaps we should just have one CVE 
name for this.

References:
http://secunia.com/advisories/37113/
http://xorl.wordpress.com/2009/10/31/linux-kernel-multiple-capabilities-missing-checks/

Thanks, Eugene
