Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Sat, 25 Jun 2016 07:12:39 +0200
From: Salvatore Bonaccorso <carnil@...ian.org>
To: OSS Security Mailinglist <oss-security@...ts.openwall.com>
Cc: David Sinquin <david@...quin.eu>, Ben Hutchings <ben@...adent.org.uk>,
	CVE Assignments MITRE <cve-assign@...re.org>
Subject: Linux CVE-2016-1237: nfsd: any user can set a file's ACL over NFS
 and grant access to it

Hi

David Sinquin reported that anyone may be able to grant themselves
permissions to a file by setting the ACL. nfsd did not check
permissions when setting ACLs.

CVE-2016-1237 was assigned by the Debian security team for this issue
were David Singuin initially reported the issue.

The permission checks and inode locking were lost in a refactoring
with commit 4ac7249ea5a0ceef9f8269f63f33cc873c3fac61 which was in
v3.14-rc1.

The issue is fixed with commit
999653786df6954a31044528ac3f7a5dadca08f4 in Linus' tree.

Introduced in: https://git.kernel.org/linus/4ac7249ea5a0ceef9f8269f63f33cc873c3fac61 (v3.14-rc1)

Prerequisite: https://git.kernel.org/linus/485e71e8fb6356c08c7fc6bcce4bf02c9a9a663f 

Fixed by https://git.kernel.org/linus/999653786df6954a31044528ac3f7a5dadca08f4 

Regards,
Salvatore

[ CONTENT OF TYPE application/pgp-signature SKIPPED ]

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ