Bug 680360 (CVE-2011-1019)
Summary: | CVE-2011-1019 kernel: CAP_SYS_MODULE bypass via CAP_NET_ADMIN | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Eugene Teo (Security Response) <eteo> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED ERRATA | QA Contact: | |
Severity: | low | Docs Contact: | |
Priority: | low | ||
Version: | unspecified | CC: | arozansk, dhoward, kernel-mgr, kmcmartin, lwang, plougher, stanislav.polasek, tcallawa, vkrizan |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2015-07-29 14:00:21 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 681772, 681773, 681774 | ||
Bug Blocks: |
Description
Eugene Teo (Security Response)
2011-02-25 09:05:40 UTC
Upstream commit: http://git.kernel.org/linus/8909c9ad8ff03611c9c96c9a92656213e4bb495b Needs this fix too: http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git;a=commitdiff_plain;h=6dfbd87a20a737641ef228230c77f4262434fa24 (In reply to comment #4) > Needs this fix too: > http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git;a=commitdiff_plain;h=6dfbd87a20a737641ef228230c77f4262434fa24 Not strictly true, because net/ipv6/ip6_tunnel.c lacked an MODULE_ALIAS to begin with, so you couldn't autoload it as "ip6tnl0" before anyway. Before commit 8909c9ad8ff03611c9c96c9a92656213e4bb495b % ifconfig ip6tnl0 ip6tnl0: error fetching interface information: Device not found After commit 8909c9ad8ff03611c9c96c9a92656213e4bb495b % ifconfig ip6tnl0 ip6tnl0: error fetching interface information: Device not found This commit is basically fixing the lack of a MOD_ALIAS. Similar fixes went into mainline last year for ip_gre.c and ipip.c http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=4da6a738ffdb99b88efbe5b4c4fe521ca453640d http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=8afe7c8acd33bc52c56546e73e46e9d546269e2c In other words it is an independent mainline fix, unrelated to the security hole that CVE--2011-1019 is fixing. This issue has been addressed in following products: MRG for RHEL-5 Via RHSA-2011:0500 https://rhn.redhat.com/errata/RHSA-2011-0500.html This issue has been addressed in following products: Red Hat Enterprise Linux 6 Via RHSA-2011:0498 https://rhn.redhat.com/errata/RHSA-2011-0498.html Statement: This issue did not affect the Linux kernel as shipped with Red Hat Enterprise Linux 4 and 5 as they did not backport the upstream commit a8f80e8f that introduced this flaw. This has been addressed in Red Hat Enterprise Linux 6 and Red Hat Enterprise MRG via https://rhn.redhat.com/errata/RHSA-2011-0498.html and https://rhn.redhat.com/errata/RHSA-2011-0500.html. |