Bug 1870052 (CVE-2020-24332)
| Summary: | CVE-2020-24332 trousers: tss user can be used to create or corrupt existing files, this could lead to DoS | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Marian Rehak <mrehak> |
| Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
| Status: | CLOSED ERRATA | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | unspecified | CC: | gblomqui, igor.raits, jlyle, jsnitsel |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | trousers 0.3.14 | Doc Type: | If docs needed, set a value |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2021-05-18 20:34:38 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 1870053, 1877516, 1877517, 1972198, 1972199 | ||
| Bug Blocks: | 1849039 | ||
|
Description
Marian Rehak
2020-08-19 09:38:34 UTC
Created trousers tracking bugs for this issue: Affects: fedora-all [bug 1870053] Upstream commit for this issue: https://sourceforge.net/p/trousers/trousers/ci/e74dd1d96753b0538192143adf58d04fcd3b242b/ When tcsd starts it opens the system.data file, however it doesn't check if it already exists as a symbolic link. An attack can leverage that to force tcsd to overwrite any previous existing file, causing data corruption and possible DoS. This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2021:1627 https://access.redhat.com/errata/RHSA-2021:1627 This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2020-24332 |