Bug 845350 - (CVE-2012-3449) CVE-2012-3449 openvswitch: creates world writable directories: /var/lib/openvswitch/pki/*ca/incoming/
Status: CLOSED CURRENTRELEASE
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All Linux
Priority: low, Severity: low
Assigned To: Red Hat Product Security
impact=low,public=20120802,reported=2...
Keywords: Security
Depends On: 845351
Reported: 2012-08-02 15:05 EDT by Kurt Seifried
Modified: 2013-02-28 10:33 EST
Doc Type: Bug Fix
Last Closed: 2013-02-28 10:33:52 EST

Description Kurt Seifried 2012-08-02 15:05:58 EDT
Andreas Beckmann debian@abeckmann.de reports:

openvswitch-pki creates the following world writable directories during
installation:

    drwx-wx-wx 2 root root 40 Aug  1 05:32 /var/lib/openvswitch/pki/controllerca/incoming
    drwx-wx-wx 2 root root 40 Aug  1 05:32 /var/lib/openvswitch/pki/switchca/incoming

Even if an ordinary local user cannot list the contents of the
directory, he may correctly derive/guess filenames (unless they are
exclusively $(mktemp)) and delete and replace files in there.

I don't know how openvswitch-pki works, how it uses this directory,
what problems could possibly arise out of this.

References: 
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683665

Please note on Fedora 16 and 17 run the command:

    /usr/bin/ovs-pki --force init

to create the directories.
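
An added example (not part of the original report and not Open vSwitch code): a shell function that flags directories like the two listed above, separating world-writable directories without the sticky bit, where any local user can delete or rename entries, from /tmp-style ones. It assumes GNU find and stat; the function name audit_pki_dirs is hypothetical.

```shell
#!/bin/sh
# Added example: audit a PKI tree for directories any local user can modify.
# Assumes GNU find and stat (Linux). audit_pki_dirs is a hypothetical name.
#
# Usage: audit_pki_dirs /var/lib/openvswitch/pki
#
# Prints one line per world-writable directory under the given root:
#   "<risk> <octal-mode> <owner> <path>"
# REPLACE  o+w without the sticky bit: any local user can delete or rename
#          entries they do not own (mode 733 in the report; the missing
#          read bit only prevents listing, not guessing names)
# CREATE   o+w with the sticky bit (like /tmp): users can add entries but
#          can only remove their own
# Returns 1 if any REPLACE directory exists, 0 otherwise.
audit_pki_dirs() {
    root=${1:-/var/lib/openvswitch/pki}
    # -perm -0002 selects every directory with the "other write" bit set.
    out=$(find "$root" -type d -perm -0002 \
              -exec stat -c '%a %U %n' {} + 2>/dev/null |
        while read -r mode owner path; do
            case $mode in
                # A four-digit mode with an odd first digit has sticky set.
                1???|3???|5???|7???) echo "CREATE $mode $owner $path" ;;
                *)                   echo "REPLACE $mode $owner $path" ;;
            esac
        done | sort)
    if [ -n "$out" ]; then
        printf '%s\n' "$out"
    fi
    if printf '%s\n' "$out" | grep -q '^REPLACE '; then
        return 1
    fi
    return 0
}
```
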
Comment 1 Kurt Seifried 2012-08-02 15:06:39 EDT
Created openvswitch tracking bugs for this issue

Affects: fedora-all [bug 845351]
Comment 2 Thomas Graf 2012-11-19 08:56:45 EST
Fixes pushed to all affected Fedora versions.
Comment 3 Thomas Graf 2013-02-28 10:33:52 EST
See comment #c2
