Bug 785163 - (CVE-2012-1106) CVE-2012-1106 abrt: Setuid process core dump archived with unsafe GID permissions
CVE-2012-1106 abrt: Setuid process core dump archived with unsafe GID permiss...
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
All Linux
low Severity low
: ---
: ---
Assigned To: Red Hat Product Security
: Security
Depends On: 783450 800027
Blocks: 784298 785171
  Show dependency treegraph
Reported: 2012-01-27 08:50 EST by Jan Lieskovsky
Modified: 2012-08-22 06:56 EDT (History)
8 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
No documentation needed
Story Points: ---
Clone Of:
Last Closed: 2012-06-20 07:10:38 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Jan Lieskovsky 2012-01-27 08:50:20 EST
A sensitive information disclosure flaw was found in the way abrt, the automatic bug detection and reporting tool, performed archiving of certain core dump files. When the abrt C handler plug-in and core dumps for setuid and setgid processes were enabled (via fs.suid_dumpable=2), an unprivileged local user could use this flaw to obtain access to core dump files of setuid processes, which terminated with crash and were run by the same unprivileged user, leading to disclosure of sensitive information due to weak GID permissions, those core dump files were created with.
Comment 2 Jan Lieskovsky 2012-01-27 09:46:28 EST
This issue affects the version of the abrt package, as shipped with Red Hat
Enterprise Linux 6.


This issue affects the versions of the abrt package, as shipped with Fedora release of 15 and 16.
Comment 3 Stefan Cornelius 2012-03-05 10:00:02 EST
A CVE identifier of CVE-2012-1106 has been assigned to this issue.
Comment 5 Stefan Cornelius 2012-03-05 11:06:39 EST
Created abrt tracking bugs for this issue

Affects: fedora-all [bug 800027]
Comment 10 errata-xmlrpc 2012-06-20 03:04:15 EDT
This issue has been addressed in following products:

  Red Hat Enterprise Linux 6

Via RHSA-2012:0841 https://rhn.redhat.com/errata/RHSA-2012-0841.html
Comment 12 Mark J. Cox 2012-08-22 06:56:54 EDT

This issue was discovered by Dominic Cleal of Red Hat

Note You need to log in before you can comment on or make changes to this bug.