Date: Mon, 6 Jun 2011 09:40:14 -0700 From: Greg KH <greg@...ah.com> To: oss-security <oss-security@...ts.openwall.com> Cc: "Steven M. Christey" <coley@...us.mitre.org>, Chris Evans <scarybeasts@...il.com>, Kees Cook <kees@...ntu.com> Subject: Re: CVE Request -- vsftpd -- Do not create network namespace per connection On Mon, Jun 06, 2011 at 06:19:45PM +0200, Jan Lieskovsky wrote: > Hello, Josh, Steve, vendors, > > It was found that vsftpd, Very Secure FTP daemon, when the network > namespace (CONFIG_NET_NS) support was activated in the kernel, used to > create a new network namespace per connection. A remote attacker could > use this flaw to cause a memory pressure and denial of the vsftpd > service. > > References: >  http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=629373 >  https://bugs.launchpad.net/ubuntu/+source/linux/+bug/720095 >  https://bugzilla.redhat.com/show_bug.cgi?id=711134 > > This one being a bit tricky one -- from my understanding of the issue, > vsftpd doesn't necessarily have a security flaw on its side. It's > kernel issue / bug, which allows this to be used for vsftpd DoS: >  https://bugs.launchpad.net/ubuntu/+source/linux/+bug/720095/comments/31 >  https://bugs.launchpad.net/ubuntu/+source/linux/+bug/720095/comments/32 > > Short-term solution would be probably to address this on the vsftpd > side, the long-term one then being to get this fixed in kernel. This should already be fixed in the kernel, it looks like it's just older kernels that has the issue, if the distro enabled that specific option, so there's really nothing that needs to be done here, or a CVE assigned that I can tell, right? thanks, greg k-h
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ