Bug 1212868 - (CVE-2015-1870) CVE-2015-1870 abrt: default abrt event scripts lead to information disclosure
Status: CLOSED ERRATA
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: low
Severity: low
Assigned To: Red Hat Product Security
impact=low,public=20150417,reported=2...
Keywords: Security
Depends On: 1211966 1211967 1212869 1212870 1212871
Blocks: 1211224 1214172
Reported: 2015-04-17 10:45 EDT by Florian Weimer
Modified: 2015-07-10 04:13 EDT (History)
See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
It was found that the ABRT event scripts created a user-readable copy of an sosreport file in ABRT problem directories, and included excerpts of /var/log/messages selected by the user-controlled process name, leading to an information disclosure. The fix for this issue prevents non-privileged users from accessing any crash reports, even reports of crashes of processes owned by those users. Only administrators (the wheel group members) are allowed to access crash reports via the "System" tab in the ABRT GUI, or by running abrt-cli as root (that is, via "sudo abrt-cli" or "su -c abrt-cli").
Last Closed: 2015-07-09 01:34:39 EDT
External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2015:1083 normal SHIPPED_LIVE Important: abrt security update 2015-06-09 19:48:24 EDT
Red Hat Product Errata RHSA-2015:1210 normal SHIPPED_LIVE Moderate: abrt security update 2015-07-07 08:39:40 EDT

Description Florian Weimer 2015-04-17 10:45:25 EDT
It was discovered that the abrt event scripts create a user-readable
copy of a sosreport file in abrt problem directories, and include
excerpts of /var/log/messages selected by the user-controlled process
name, leading to an information disclosure.

Acknowledgement:

This issue was discovered by Florian Weimer of Red Hat Product Security.
Comment 2 Florian Weimer 2015-04-17 10:46:20 EDT
Created abrt tracking bugs for this issue:

Affects: fedora-all [bug 1212871]
Comment 4 Jakub Filak 2015-05-05 07:17:15 EDT
This upstream commit https://github.com/abrt/abrt/commit/8939398b82006ba1fec4ed491339fc075f43fc7c changes the owner to root.

This upstream commit https://github.com/abrt/abrt/commit/7d023c32a565e83306cddf34c894477b7aaf33d1 moves /var/tmp/abrt to /var/spool/abrt.

This upstream commit https://github.com/abrt/libreport/commit/c962918bc70a61a8cc647898ee8b1ff1c14a87c5 sets the mode of dump directories to 750.
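An added defender-side check, not code from this bug report or from the abrt project: a POSIX shell function that audits an abrt spool directory against the post-fix expectations described above (directories owned by root with mode 750, and no sosreport copy readable by other users). The function name, the expected-owner argument, the default spool path and the `sosreport*` file-name pattern are assumptions made for this example.

```shell
#!/bin/sh
# Added example, not abrt's own code. Audits each problem directory under an
# abrt spool path for the conditions fixed in CVE-2015-1870: owner must be
# root, the "other" permission bits must be zero (mode 750), and any
# sosreport copy must not be readable by other users. Prints one line per
# finding; returns 0 when clean, 1 when findings exist, 2 on a bad path.
# Uses GNU stat -c (%U owner name, %a octal mode), i.e. Linux coreutils.
# Usage: audit_abrt_spool [spool_dir] [expected_owner]
#   spool_dir defaults to /var/spool/abrt (the post-fix location; the old
#   location was /var/tmp/abrt); expected_owner defaults to root and is a
#   parameter only so the check can be exercised on a non-root test tree.

audit_abrt_spool() {
    spool="${1:-/var/spool/abrt}"
    expected_owner="${2:-root}"
    findings=0
    [ -d "$spool" ] || { echo "no such directory: $spool" >&2; return 2; }
    for dir in "$spool"/*/; do
        [ -d "$dir" ] || continue
        dir="${dir%/}"
        owner=$(stat -c %U "$dir")
        mode=$(stat -c %a "$dir")
        if [ "$owner" != "$expected_owner" ]; then
            echo "FINDING: $dir owned by $owner (expected $expected_owner)"
            findings=$((findings + 1))
        fi
        # Last octal digit holds the "other" bits; anything nonzero is too open.
        other="${mode#"${mode%?}"}"
        if [ "$other" != "0" ]; then
            echo "FINDING: $dir mode $mode grants access to other users (expected 750)"
            findings=$((findings + 1))
        fi
        # A world-readable sosreport copy reproduces the original disclosure.
        for f in "$dir"/sosreport*; do
            [ -e "$f" ] || continue
            fmode=$(stat -c %a "$f")
            fother="${fmode#"${fmode%?}"}"
            if [ "$fother" != "0" ]; then
                echo "FINDING: $f mode $fmode is readable by other users"
                findings=$((findings + 1))
            fi
        done
    done
    [ "$findings" -eq 0 ]
}
```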
Comment 7 Marek Bryša 2015-05-26 06:26:28 EDT
I believe there is one tiny mistake in the Doc Text:
"The fix for this issue prevents non-privileged users FROM access TO any crash reports, ..."
Comment 8 errata-xmlrpc 2015-06-09 15:49:05 EDT
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2015:1083 https://rhn.redhat.com/errata/RHSA-2015-1083.html
Comment 9 errata-xmlrpc 2015-07-07 04:40:14 EDT
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 6

Via RHSA-2015:1210 https://rhn.redhat.com/errata/RHSA-2015-1210.html