Bug 2004422
| Summary: | CVE-2021-3802 udisks2: insecure defaults in user-accessible mount helpers allow for a DoS [rhel-8] | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 8 | Reporter: | Sandipan Roy <saroy> |
| Component: | udisks2 | Assignee: | Tomáš Bžatek <tbzatek> |
| Status: | CLOSED ERRATA | QA Contact: | guazhang <guazhang> |
| Severity: | low | Docs Contact: | |
| Priority: | low | ||
| Version: | 8.6 | CC: | guazhang, mrehak, tbzatek |
| Target Milestone: | rc | Keywords: | Security, SecurityTracking, Triaged |
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | udisks2-2.9.0-8.el8 | Doc Type: | No Doc Update |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2022-05-10 13:46:01 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | |||
| Bug Blocks: | 2003649 | ||
| Deadline: | 2023-03-12 | ||
|
Description
Sandipan Roy
2021-09-15 09:18:10 UTC
Hi, kernel panic while test with udisks2-2.9.0-7.el8 Oct 27 02:25:38 storageqe-58 dbus-daemon[1269]: [system] Activating via systemd: service name='org.freedesktop.UDisks2' unit='udisks2.service' requested by ':1.27' (uid=0 pid=2095 comm="udisksctl loop-setup --file poc.img ") Oct 27 02:25:38 storageqe-58 systemd[1]: Starting Disk Manager... Oct 27 02:25:38 storageqe-58 journal[2098]: udisks daemon version 2.9.0 starting Oct 27 02:25:38 storageqe-58 dbus-daemon[1269]: [system] Successfully activated service 'org.freedesktop.UDisks2' Oct 27 02:25:38 storageqe-58 systemd[1]: Started Disk Manager. Oct 27 02:25:39 storageqe-58 journal[2098]: Acquired the name org.freedesktop.UDisks2 on the system message bus Oct 27 02:25:39 storageqe-58 kernel: loop: module loaded Oct 27 02:25:39 storageqe-58 kernel: loop0: detected capacity change from 0 to 61440 Oct 27 02:25:39 storageqe-58 journal[2098]: Set up loop device /dev/loop0 (backed by /home/test/poc.img) Oct 27 02:25:39 storageqe-58 kernel: EXT4-fs error (device loop0): ext4_fill_super:4556: inode #2: comm pool: iget: root inode unallocated Do not panic while test with udisks2-2.9.0-8.el8.x86_64 # sh test.sh mke2fs 1.45.6 (20-Mar-2020) poc.img contains a ext4 file system created on Wed Oct 27 00:29:50 2021 Proceed anyway? (y,N) y Filesystem too small for a journal Discarding device blocks: done Creating filesystem with 60 1k blocks and 16 inodes Allocating group tables: done Writing inode tables: done Writing superblocks and filesystem accounting information: done debugfs 1.45.6 (20-Mar-2020) debugfs: open -w poc.img debugfs: set_super_value errors 3 debugfs: set_inode_field . links_count 0 debugfs: close -a debugfs: Mapped file poc.img as /dev/loop0. Error mounting /dev/loop0: GDBus.Error:org.freedesktop.UDisks2.Error.Failed: Error mounting /dev/loop0 at /run/media/root/9366c2c4-d6ab-4697-838d-b8f716b206f0: mount(2) system call failed: Structure needs cleaning Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Low: udisks2 security and bug fix update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2022:1820 |