Bug 1039812 (CVE-2013-6433)

Summary: CVE-2013-6433 openstack-quantum/openstack-neutron: rootwrap sudo config allows potential privilege escalation
Product: [Other] Security Response Reporter: Garth Mollett <gmollett>
Component: vulnerabilityAssignee: Red Hat Product Security <security-response-team>
Status: CLOSED ERRATA QA Contact:
Severity: low Docs Contact:
Priority: low    
Version: unspecifiedCC: aortega, apevec, ayoung, chrisw, gkotton, gmollett, iheim, lhh, lpeer, majopela, markmc, rbryant, sclewis, security-response-team, yeylon
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: openstack-neutron-2013.2.2-5 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2014-07-15 07:42:03 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Bug Depends On: 1039816, 1039817    
Bug Blocks: 1039820, 1063143    

Description Garth Mollett 2013-12-10 04:18:12 UTC
Kashyap Chamarthy <kchamart@redhat.com> reports:

It's possible for Neutron (OpenStack networking) users to pass arbitrary
config files via rootwrap[*] which allows privilege escalation
by letting user add more exec directories, change configurations of
commands using rootwrap, log more than what needs to be done, etc.

Comment 11 Martin Prpič 2014-05-15 13:36:35 UTC
Acknowledgements:

This issue was discovered by Kashyap Chamarthy of Red Hat.

Comment 15 errata-xmlrpc 2014-05-29 20:18:00 UTC
This issue has been addressed in following products:

  OpenStack 4 for RHEL 6

Via RHSA-2014:0516 https://rhn.redhat.com/errata/RHSA-2014-0516.html