Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Tue, 04 Jun 2013 12:55:48 -0600
From: Kurt Seifried <kseifried@...hat.com>
To: oss-security@...ts.openwall.com
CC: Marc Deslauriers <marc.deslauriers@...onical.com>
Subject: Re: CVE Request: libimobiledevice insecure /tmp use

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 05/31/2013 08:43 AM, Marc Deslauriers wrote:
> Hello,
> 
> In libimobiledevice, the following commit:
> 
> http://cgit.sukimashita.com/libimobiledevice.git/commit/src?id=825d...
>
>  Falls back to creating files in /tmp if $XDG_CONFIG_HOME and $HOME
> are unset. In some distros, upowerd runs this as root, which causes
> files in /tmp to be created and updated in an insecure manner as
> root, allowing for symlink attacks.
> 
> Bugs: 
> http://libiphone.lighthouseapp.com/projects/27916-libiphone/tickets/331-insecure-tmp-directory-use
>
> 
https://bugs.launchpad.net/ubuntu/+source/libimobiledevice/+bug/1164263
> 
> Could a CVE please be assigned to this issue?
> 
> Thanks,
> 
> Marc.

Please use CVE-2013-2142 for this issue.

- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)

iQIcBAEBAgAGBQJRrjgzAAoJEBYNRVNeJnmT0E0P/09xKFWcrZspZ1bLdg/4MC8u
KYnfJdOJ6nNVr+p3MdOnO2esZh6d8F5rfXvasAWLnV9scvRprEvjkWVvSDPDICJ4
QhdMaptR59SFqdCPERYvDVGRN/Aj5b6S6t16TcpGvhsFH9ho6ESfj4XmxuZJLSac
Q/5pwnoyX66ZkfAV7CAEKFqsNGJK5YMdfJuNYeOA8JdVcpY9HgNkb+UuSjGnZRGr
7QUUmlVyKWUiz7EOZEisli6xAeAD20w/SCgsjS+5ldIa0mYudDTA1MZ51p2+diY6
Kj3oAGw9NHLNFxpBXzdDHwY7TPlbUKNHrfYh5PhVCMSGmW+rb6ARHOsre0ozGEAg
hJumTGI3CVyoFhe4x19A8TWaTaPAoWDcG+90DRUSOf3KD7oajcy34/0RQv17/1to
iAsV2DGR0H2nEq5NN4pkmoUeoY28dJtBEu/AS9eTv9TJhULWOixuclJtoeXQeYXi
gNIS75AWu57NCoXuM0ZrgukQJ9eaWsDg7QdCoUKJ1yDnPN4Wu68mFlpqfKtTAE6a
La8haZiwHtr6M00J3UlHUyWenttxXtuacnotaRs+K6nIrieurlV4ZOIAr7CjrEOP
/ru1YmxzVL/AJpAfW/f/chMnksT5a3zjh+gQTVVXYQblYWWP7/sggL13kPtz3nsb
9at9trjzKcIzMKRm+CwS
=B0+o
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ