Bug 695924 (CVE-2011-1677) - CVE-2011-1677 util-linux: umount may fail to remove /etc/mtab~ lock file
Summary: CVE-2011-1677 util-linux: umount may fail to remove /etc/mtab~ lock file
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2011-1677
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
low
low
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 695940 738789 768382
Blocks: 734217 734543 742493
TreeView+ depends on / blocked
 
Reported: 2011-04-12 22:15 UTC by Vincent Danen
Modified: 2019-09-29 12:44 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2012-02-21 08:34:36 UTC
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2011:1691 0 normal SHIPPED_LIVE Low: util-linux-ng security, bug fix, and enhancement update 2011-12-06 01:02:36 UTC
Red Hat Product Errata RHSA-2012:0307 0 normal SHIPPED_LIVE Low: util-linux security, bug fix, and enhancement update 2012-02-21 07:24:56 UTC

Description Vincent Danen 2011-04-12 22:15:51 UTC 
Common Vulnerabilities and Exposures assigned an identifier CVE-2011-1677 to
the following vulnerability:

Name: CVE-2011-1677
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1677
Assigned: 20110409
Reference: http://openwall.com/lists/oss-security/2011/03/04/11
Reference: http://openwall.com/lists/oss-security/2011/03/04/9
Reference: http://openwall.com/lists/oss-security/2011/03/04/10
Reference: http://openwall.com/lists/oss-security/2011/03/04/12
Reference: http://openwall.com/lists/oss-security/2011/03/05/3
Reference: http://openwall.com/lists/oss-security/2011/03/05/7
Reference: http://openwall.com/lists/oss-security/2011/03/07/9
Reference: http://openwall.com/lists/oss-security/2011/03/14/5
Reference: http://openwall.com/lists/oss-security/2011/03/14/7
Reference: http://openwall.com/lists/oss-security/2011/03/14/16
Reference: http://openwall.com/lists/oss-security/2011/03/15/6
Reference: http://openwall.com/lists/oss-security/2011/03/22/4
Reference: http://openwall.com/lists/oss-security/2011/03/22/6
Reference: http://openwall.com/lists/oss-security/2011/03/31/3
Reference: http://openwall.com/lists/oss-security/2011/03/31/4
Reference: http://openwall.com/lists/oss-security/2011/04/01/2
Reference: https://bugzilla.redhat.com/show_bug.cgi?id=688980

mount in util-linux 2.19 and earlier does not remove the /etc/mtab~
lock file after a failed attempt to add a mount entry, which has
unspecified impact and local attack vectors.
Comment 1 Vincent Danen 2011-04-12 22:35:57 UTC 
Created util-linux-ng tracking bugs for this issue

Affects: fedora-all [bug 695940]
Comment 2 Tomas Hoger 2011-05-12 14:11:05 UTC 
To correct the CVE description, umount is leaving lock (and temporary) file behind when it is killed by a signal.  umount can easily be killed while performing mtab update, as it does not block signals in the same way mount does (which is unaffected by this issue, as Karel noted in bug #695921, comment #2).

Summary of the patches that were committed upstream to address this and related
issues can be found in bug #695940, comment #5.
Comment 4 errata-xmlrpc 2011-12-06 17:10:56 UTC 
This issue has been addressed in following products:

  Red Hat Enterprise Linux 6

Via RHSA-2011:1691 https://rhn.redhat.com/errata/RHSA-2011-1691.html
Comment 6 errata-xmlrpc 2012-02-21 03:20:29 UTC 
This issue has been addressed in following products:

  Red Hat Enterprise Linux 5

Via RHSA-2012:0307 https://rhn.redhat.com/errata/RHSA-2012-0307.html
Note You need to log in before you can comment on or make changes to this bug.