Bug 654935
Summary: | CVE-2010-4176 dracut: /dev/systty permissions could allow remote users to snoop on local users [fedora-all] | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Huzaifa S. Sidhpurwala <huzaifas> |
Component: | dracut | Assignee: | Harald Hoyer <harald> |
Status: | CLOSED ERRATA | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | 13 | CC: | harald, jonathan, req1348 |
Target Milestone: | --- | Keywords: | Security, SecurityTracking |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | udev-153-5.fc13 | Doc Type: | Release Note |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2010-11-24 22:38:14 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | |||
Bug Blocks: | 654489 |
Description
Huzaifa S. Sidhpurwala
2010-11-19 04:14:33 UTC
udev-153-5.fc13 has been submitted as an update for Fedora 13. https://admin.fedoraproject.org/updates/udev-153-5.fc13 dracut-006-4.fc14,udev-161-7.fc14 has been submitted as an update for Fedora 14. https://admin.fedoraproject.org/updates/dracut-006-4.fc14,udev-161-7.fc14 udev-153-5.fc13 has been pushed to the Fedora 13 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update udev'. You can provide feedback for this update here: https://admin.fedoraproject.org/updates/udev-153-5.fc13 This update broke sound on my laptop (Compal JFL92) on F14 x86_64. The bug is 100% reproducible: 1. Install the udev/dracut update 2. Rebuild the initramfs image (dracut -f) 3. Reboot Pulseaudio won't find any sound card when running module-udev-detect, and will fall back to dummy audio output. If I downgrade udev and dracut, and rebuild the initramfs image, the problem doesn't appear anymore. Later tomorrow I should be able to test it on other systems. dracut-006-5.fc14, udev-161-7.fc14 has been pushed to the Fedora 14 stable repository. If problems still persist, please make note of it in this bug report. udev-153-5.fc13 has been pushed to the Fedora 13 stable repository. If problems still persist, please make note of it in this bug report. |