oss-sec mailing list archives
Re: Problems in automatic crash analysis frameworks
From: Florian Weimer <fweimer () redhat com>
Date: Tue, 05 May 2015 14:17:32 +0200
On 04/23/2015 09:10 PM, Florian Weimer wrote:
On 04/17/2015 09:16 PM, Florian Weimer wrote:A quick update on the abrt situation.Another update. We now have a public tracking bug listing the issues: <https://bugzilla.redhat.com/show_bug.cgi?id=1214172>
We have identified one more issue: abrt-action-install-debuginfo-to-abrt-cache is a SUID wrapper which incorrectly filters the process environment (umask and truncated command line arguments such as “--ca“) before invoking the actual program. This allows a local attacker to create a world-writable problem directory and eventually escalate their privileges to root. (Other attacks against the cpio extraction might be feasible.) CVE-2015-3159 <https://bugzilla.redhat.com/show_bug.cgi?id=1216962> Jakub Filak has created several pull requests fixing all the issues identified so far: <https://github.com/abrt/abrt/pull/950> <https://github.com/abrt/abrt/pull/955> <https://github.com/abrt/libreport/pull/346> There is a public build (against EPEL7) of the consolidated fixes, available as a Copr repository: <http://copr.fedoraproject.org/coprs/jfilak/abrt-hardened/> This also includes the consolidated fixes. At this stage, we'd appreciate additional comments/reviews. -- Florian Weimer / Red Hat Product Security
Current thread:
- Re: Problems in automatic crash analysis frameworks, (continued)
- Re: Problems in automatic crash analysis frameworks cve-assign (Apr 15)
- Re: Re: Problems in automatic crash analysis frameworks Huzaifa Sidhpurwala (Apr 15)
- Re: Problems in automatic crash analysis frameworks cve-assign (Apr 15)
- Re: Re: Problems in automatic crash analysis frameworks Huzaifa Sidhpurwala (Apr 15)
- Re: Problems in automatic crash analysis frameworks cve-assign (Apr 16)
- Re: Re: Problems in automatic crash analysis frameworks Huzaifa Sidhpurwala (Apr 15)
- Re: Problems in automatic crash analysis frameworks cve-assign (Apr 15)
- Re: Problems in automatic crash analysis frameworks Grandma Eubanks (Apr 17)
- Problems in automatic crash analysis frameworks Tavis Ormandy (Apr 17)
- Re: Problems in automatic crash analysis frameworks Tavis Ormandy (Apr 17)
- Re: Problems in automatic crash analysis frameworks Florian Weimer (Apr 23)
- Re: Problems in automatic crash analysis frameworks Florian Weimer (May 05)
- Re: Problems in automatic crash analysis frameworks Tavis Ormandy (May 05)
- Re: Problems in automatic crash analysis frameworks Florian Weimer (May 05)
- Re: Problems in automatic crash analysis frameworks Tavis Ormandy (May 05)
- Re: Re: Problems in automatic crash analysis frameworks Tavis Ormandy (Apr 15)
- Re: Re: Problems in automatic crash analysis frameworks Tavis Ormandy (Apr 15)