oss-security - Re: Fwd: setroubleshoot root exploit (CVE-Request)

Follow @Openwall on Twitter for new release announcements and other news

[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]

Date: Thu, 26 Mar 2015 13:43:06 +0530
From: Huzaifa Sidhpurwala <huzaifas@...hat.com>
To: oss-security@...ts.openwall.com
Subject: Re: Fwd: setroubleshoot root exploit (CVE-Request)

On 03/26/2015 12:31 PM, Sebastian Krahmer wrote:
> 
> As per list policy, here is the forward of the distros post. CRD was shifted
> to today.
> 
> 
> ----- Forwarded message from Sebastian Krahmer <krahmer@...e.de> -----
> 
> Date: Wed, 18 Mar 2015 09:46:10 +0100
> From: Sebastian Krahmer <krahmer@...e.de>
> To: distros@...openwall.org
> subject: ***UNCHECKED*** [vs] setroubleshoot root exploit (CVE-Request)
> X-Mailer: MIME-tools 5.501 (Entity 5.501)
> 
> Hi
> 
> I already sent this to upstream. Initially I thought this only
> affects redhat, but it seems that ubuntu is also using setroubleshoot.
> CRD is 24.3.
> 
> setroubleshoot tries to find out which rpm a particular
> file belongs to when it finds SELinux access violation reports.
> The idea is probably to have convenient reports for the admin
> which type enforcement rules have to be relaxed. setroubleshoot
> runs as root (although in its own domain). In util.py
> we have:
> 
> 
Previously CVE-2015-1815 as assigned on distros.




-- 
Huzaifa Sidhpurwala / Red Hat Product Security Team

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.