695916 – (CVE-2011-1675) CVE-2011-1675 util-linux: mount fails to anticipate RLIMIT_FSIZE

Bug 695916 (CVE-2011-1675) - CVE-2011-1675 util-linux: mount fails to anticipate RLIMIT_FSIZE

Summary: CVE-2011-1675 util-linux: mount fails to anticipate RLIMIT_FSIZE

Keywords:
Status:	CLOSED ERRATA
Alias:	CVE-2011-1675
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	low
Severity:	low
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	695940 738789 768382
Blocks:	734217 734543 742493
TreeView+	depends on / blocked

Reported:	2011-04-12 22:02 UTC by Vincent Danen
Modified:	2019-09-29 12:44 UTC (History)
CC List:	2 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2012-02-21 08:35:00 UTC
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHSA-2011:1691	0	normal	SHIPPED_LIVE	Low: util-linux-ng security, bug fix, and enhancement update	2011-12-06 01:02:36 UTC
Red Hat Product Errata	RHSA-2012:0307	0	normal	SHIPPED_LIVE	Low: util-linux security, bug fix, and enhancement update	2012-02-21 07:24:56 UTC

Description Vincent Danen 2011-04-12 22:02:44 UTC

Common Vulnerabilities and Exposures assigned an identifier CVE-2011-1675 to
the following vulnerability:

Name: CVE-2011-1675
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1675
Assigned: 20110409
Reference: http://openwall.com/lists/oss-security/2011/03/04/9

mount in util-linux 2.19 and earlier attempts to append to the
/etc/mtab.tmp file without first checking whether resource limits
would interfere, which allows local users to trigger corruption of the
/etc/mtab file via a process with a small RLIMIT_FSIZE value, a
related issue to CVE-2011-1089.

Comment 1 Vincent Danen 2011-04-12 22:35:31 UTC

Created util-linux-ng tracking bugs for this issue

Affects: fedora-all [bug 695940]

Comment 3 Tomas Hoger 2011-05-12 14:03:21 UTC

Summary of the patches that were committed upstream to address this and related issues can be found in bug #695940, comment #5.

Comment 5 errata-xmlrpc 2011-12-06 17:10:54 UTC

This issue has been addressed in following products:

  Red Hat Enterprise Linux 6

Via RHSA-2011:1691 https://rhn.redhat.com/errata/RHSA-2011-1691.html

Comment 7 errata-xmlrpc 2012-02-21 03:20:26 UTC

This issue has been addressed in following products:

  Red Hat Enterprise Linux 5

Via RHSA-2012:0307 https://rhn.redhat.com/errata/RHSA-2012-0307.html

Note You need to log in before you can comment on or make changes to this bug.