[kernel-sec-discuss] r1708 - active retired

Moritz Muehlenhoff jmm at alioth.debian.org
Mon Feb 1 23:16:53 UTC 2010


Author: jmm
Date: 2010-02-01 23:16:48 +0000 (Mon, 01 Feb 2010)
New Revision: 1708

Added:
   retired/CVE-2009-3286
Removed:
   active/CVE-2009-3286
Log:
retire issue


Deleted: active/CVE-2009-3286
===================================================================
--- active/CVE-2009-3286	2010-02-01 22:16:35 UTC (rev 1707)
+++ active/CVE-2009-3286	2010-02-01 23:16:48 UTC (rev 1708)
@@ -1,19 +0,0 @@
-Candidate: CVE-2009-3286
-Description:
- There is an issue with O_EXCL creates on NFSv4 that with enough 
- attempts, it is possible for a lingering file from a failed create that 
- is world-writable but only setuid execute as the user who is attempting 
- these creates. Fortunately, root is not susceptible to this bug, so a 
- setuid root file should not be possible. It might be possible to exploit 
- this to gain access as another user though.
-References:
- http://www.openwall.com/lists/oss-security/2009/09/21/2
- https://bugzilla.redhat.com/show_bug.cgi?id=524520#c0
-Ubuntu-Description:
-Notes:
-Bugs:
-upstream: released (2.6.30-rc1) [79fb54ab]
-linux-2.6: released (2.6.30-1)
-2.6.18-etch-security: released (2.6.18.dfsg.1-26etch1) [bugfix/all/nfsd4-reindent-do_open_lookup.patch, bugfix/all/nfsd4-fix-open-create-permissions.patch, bugfix/all/nfsd4-de-union-iattr-and-verf.patch]
-2.6.24-etch-security: released (2.6.24-6~etchnhalf.9etch1) [bugfix/all/nfsd4-de-union-iattr-and-verf.patch]
-2.6.26-lenny-security: released (2.6.26-19lenny1) [bugfix/all/nfsd4-de-union-iattr-and-verf.patch]

Copied: retired/CVE-2009-3286 (from rev 1706, active/CVE-2009-3286)
===================================================================
--- retired/CVE-2009-3286	                        (rev 0)
+++ retired/CVE-2009-3286	2010-02-01 23:16:48 UTC (rev 1708)
@@ -0,0 +1,19 @@
+Candidate: CVE-2009-3286
+Description:
+ There is an issue with O_EXCL creates on NFSv4 that with enough 
+ attempts, it is possible for a lingering file from a failed create that 
+ is world-writable but only setuid execute as the user who is attempting 
+ these creates. Fortunately, root is not susceptible to this bug, so a 
+ setuid root file should not be possible. It might be possible to exploit 
+ this to gain access as another user though.
+References:
+ http://www.openwall.com/lists/oss-security/2009/09/21/2
+ https://bugzilla.redhat.com/show_bug.cgi?id=524520#c0
+Ubuntu-Description:
+Notes:
+Bugs:
+upstream: released (2.6.30-rc1) [79fb54ab]
+linux-2.6: released (2.6.30-1)
+2.6.18-etch-security: released (2.6.18.dfsg.1-26etch1) [bugfix/all/nfsd4-reindent-do_open_lookup.patch, bugfix/all/nfsd4-fix-open-create-permissions.patch, bugfix/all/nfsd4-de-union-iattr-and-verf.patch]
+2.6.24-etch-security: released (2.6.24-6~etchnhalf.9etch1) [bugfix/all/nfsd4-de-union-iattr-and-verf.patch]
+2.6.26-lenny-security: released (2.6.26-19lenny1) [bugfix/all/nfsd4-de-union-iattr-and-verf.patch]
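
Review bot: The Notes: field is empty in the retired copy even though the 2.6.24-etch-security and 2.6.26-lenny-security lines list only nfsd4-de-union-iattr-and-verf.patch, while 2.6.18-etch-security lists three patches. A one-line note saying why nfsd4-reindent-do_open_lookup.patch and nfsd4-fix-open-create-permissions.patch are not needed on those two branches would make the archived record self-explanatory. The first Description sentence ("it is possible for a lingering file from a failed create that is world-writable but only setuid execute as the user ...") is also missing a verb and is worth rewording before the entry is retired.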



