Bug 1348622 (CVE-2014-9770) - CVE-2014-9770 systemd: weak permissions for journal files
Summary: CVE-2014-9770 systemd: weak permissions for journal files
Keywords:
Status: CLOSED NOTABUG
Alias: CVE-2014-9770
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
low
low
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks: 1323985
TreeView+ depends on / blocked
 
Reported: 2016-06-21 15:22 UTC by Cedric Buissart
Modified: 2019-09-29 13:51 UTC (History)
10 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2016-06-21 16:04:27 UTC

Attachments (Terms of Use)

Description Cedric Buissart 2016-06-21 15:22:30 UTC 
tmpfiles.d/systemd.conf in systemd v213 uses weak permissions for journal files under /run/log/journal/%m and /var/log/journal/%m, which allows local users to obtain sensitive information by reading these files. 

seclist report:
http://seclists.org/oss-sec/2016/q2/34

Suse BTS:
https://bugzilla.suse.com/show_bug.cgi?id=972612

Introduced in v213 by commit:
https://github.com/systemd/systemd/commit/a606871da508995f5ede113a8fc6538afd98966c

Fixed in v214 by commit:
https://github.com/systemd/systemd/commit/176f2acf8dee45fee832fd2ab07243f63783a238
Comment 1 Cedric Buissart 2016-06-21 15:36:58 UTC 
Current RHEL version is shipped with v219, and is not affected by this issue.
Comment 2 Cedric Buissart 2016-06-22 08:56:24 UTC 
Additional precision :
The vulnerability was introduced in v213. Previous RHEL7 versions (7.0, 7.1, and their asynchronous releases) are based on v207 and v208, and are not affected either.
Note You need to log in before you can comment on or make changes to this bug.