Bugzilla will be upgraded to version 5.0 on a still to be determined date in the near future. The original upgrade date has been delayed.
First Last Prev Next    This bug is not in your last search results.
Bug 558677 - (CVE-2010-0299) CVE-2010-0299 kernel: Driver-Core: devtmpfs - set root directory mode to 0755
CVE-2010-0299 kernel: Driver-Core: devtmpfs - set root directory mode to 0755
Status: CLOSED CURRENTRELEASE
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
unspecified
All Linux
high Severity high
: ---
: ---
Assigned To: Red Hat Product Security
impact=important,source=vendor-sec,re...
: Security
Depends On: 547593 586016 586020
Blocks:
  Show dependency treegraph
 
Reported: 2010-01-25 19:34 EST by Eugene Teo (Security Response)
Modified: 2015-07-31 02:24 EDT (History)
7 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2012-03-28 04:38:32 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

  None (edit)
Description Eugene Teo (Security Response) 2010-01-25 19:34:38 EST 
Description of problem:
devtmpfs - set root directory mode to 0755.

Devtmpfs lets the kernel create a tmpfs instance called devtmpfs very early at kernel initialization, before any driver-core device is registered. Every device with a major/minor will provide a device node in devtmpfs. Devtmpfs can be changed and altered by userspace at any time, and in any way needed - just like today's udev-mounted tmpfs.

Make sure the root directory permissions is 0755 instead of 1777.

This was introduced in v2.6.32-rc1 via commit 2b2af54a.

Upstream commit:
http://git.kernel.org/linus/f776c5ec4690b21b3668ad5956774a22c86f541a
http://git.kernel.org/linus/9329d1beaeed1a94f030c784dcec5ff973f402c4
Comment 1 Eugene Teo (Security Response) 2010-01-25 19:37:39 EST 
The Linux kernel as shipped with Red Hat Enterprise Linux 3, 4, 5 and Red Hat Enterprise MRG did not include support for Devtmpfs, and therefore are not affected by this issue.
Comment 5 Chuck Ebbert 2010-01-28 22:16:04 EST 
Fixed in 2.6.32.7 by:

 driver-core-devtmpfs-set-root-directory-mode-to-0755.patch
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.