Red Hat Bugzilla – Bug 785163
CVE-2012-1106 abrt: Setuid process core dump archived with unsafe GID permissions
Last modified: 2012-08-22 06:56:54 EDT
A sensitive information disclosure flaw was found in the way abrt, the automatic bug detection and reporting tool, performed archiving of certain core dump files. When the abrt C handler plug-in and core dumps for setuid and setgid processes were enabled (via fs.suid_dumpable=2), an unprivileged local user could use this flaw to obtain access to core dump files of setuid processes, which terminated with crash and were run by the same unprivileged user, leading to disclosure of sensitive information due to weak GID permissions, those core dump files were created with.
This issue affects the version of the abrt package, as shipped with Red Hat
Enterprise Linux 6.
This issue affects the versions of the abrt package, as shipped with Fedora release of 15 and 16.
A CVE identifier of CVE-2012-1106 has been assigned to this issue.
Created abrt tracking bugs for this issue
Affects: fedora-all [bug 800027]
This issue has been addressed in following products:
Red Hat Enterprise Linux 6
Via RHSA-2012:0841 https://rhn.redhat.com/errata/RHSA-2012-0841.html
This issue was discovered by Dominic Cleal of Red Hat