CVE-2013-1813 busybox mdev creates deep subdirs in /dev with 0777 permissions

Related Vulnerabilities: CVE-2013-1813  

Debian Bug report logs - #701965

Reported by: Michael Tokarev <mjt@tls.msk.ru>

Date: Fri, 1 Mar 2013 08:48:02 UTC

Severity: important

Tags: fixed-upstream, patch, security, upstream

Found in version busybox/1:1.20.0-7

Fixed in version busybox/1:1.20.0-8

Done: Michael Tokarev <mjt@tls.msk.ru>

Bug is archived. No further changes may be made.



Report forwarded to debian-bugs-dist@lists.debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Debian Install System Team <debian-boot@lists.debian.org>:
Bug#701965; Package busybox. (Fri, 01 Mar 2013 08:48:04 GMT)


Acknowledgement sent to Michael Tokarev <mjt@tls.msk.ru>:
New Bug report received and forwarded. Copy sent to team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Debian Install System Team <debian-boot@lists.debian.org>. (Fri, 01 Mar 2013 08:48:04 GMT)


Message #5 received at submit@bugs.debian.org:

From: Michael Tokarev <mjt@tls.msk.ru>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: busybox mdev creates deep subdirs in /dev with 0777 permissions
Date: Fri, 01 Mar 2013 12:44:36 +0400
Package: busybox
Version: 1:1.20.0-7
Severity: important
Tags: security patch upstream fixed-upstream pending

When a device node or symlink in /dev should be created inside
a 2-or-deeper subdirectory (/dev/dir1/dir2.../node), the
intermediate directories are incorrectly created with mode
0777, which is an obvious security issue.

mdev is an alternative for udev, but since udev is used
almost universally, and many packages depend on it, mdev
isn't used often.  Also, subdirs of more than one level
are not common, especially with mdev which, unlike udev,
has a limited "language" to construct filenames/symlinks,
so often, when mdev is used, the task of creating device
nodes with complex names is implemented using an external
script instead.  However, it is important to fix this to
avoid surprises.

The issue has been fixed upstream in commit
4609f477c7e043a4f6147dfe6e86b775da2ef784.
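As an added example (not busybox's code and not the reporter's), the create-parents logic with an explicit 0755 mode that the fix restores, beside a small audit check a defender can run over /dev to find intermediate directories left world-writable the way the bug produced them. The names make_parents, dir_is_world_writable and demo, and the /tmp tree the self-check builds, are hypothetical.

```c
#define _XOPEN_SOURCE 700   /* for mkdtemp() */
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/stat.h>
/* Create every missing parent of 'path' (all components but the last) with
 * an explicit 'mode'; umask still applies, so 0755 is the ceiling, never 0777. */
int make_parents(const char *path, mode_t mode)
{
    char buf[4096], *p;
    if (snprintf(buf, sizeof buf, "%s", path) >= (int)sizeof buf) return -1;
    for (p = strchr(buf + 1, '/'); p; p = strchr(p + 1, '/')) {
        *p = '\0';
        if (mkdir(buf, mode) != 0 && errno != EEXIST) return -1;
        *p = '/';
    }
    return 0;
}

/* Audit check: 1 if 'path' is a directory writable by everyone (the state the
 * bug left intermediate /dev dirs in), 0 if not, -1 if it cannot be stat()ed. */
int dir_is_world_writable(const char *path)
{
    struct stat st;
    if (stat(path, &st) != 0) return -1;
    return (S_ISDIR(st.st_mode) && (st.st_mode & S_IWOTH)) ? 1 : 0;
}

/* Self-check in a constructed temporary tree (not a real /dev): parents made
 * with 0755 pass the audit, a 0777 directory is flagged. Returns 1 if both hold. */
int demo(void)
{
    char tmpl[] = "/tmp/mdevchkXXXXXX", dir[4096], bad[4096];
    char *root = mkdtemp(tmpl);
    if (!root) return 0;
    snprintf(dir, sizeof dir, "%s/dir1/dir2/node", root);
    snprintf(bad, sizeof bad, "%s/bad", root);
    int ok = make_parents(dir, 0755) == 0;        /* creates dir1 and dir2 only */
    *strrchr(dir, '/') = '\0';                    /* now .../dir1/dir2 */
    ok = ok && dir_is_world_writable(dir) == 0 && rmdir(dir) == 0;
    *strrchr(dir, '/') = '\0';                    /* now .../dir1 */
    ok = ok && dir_is_world_writable(dir) == 0 && rmdir(dir) == 0;
    ok = ok && mkdir(bad, 0777) == 0 && chmod(bad, 0777) == 0
            && dir_is_world_writable(bad) == 1;   /* the buggy 0777 outcome */
    rmdir(bad); rmdir(root);
    return ok;
}
```

On a live mdev system the same check is a one-liner, `find /dev -type d -perm -0002`, which should print nothing once the intermediate directories are 0755.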



Reply sent to Michael Tokarev <mjt@tls.msk.ru>:
You have taken responsibility. (Sat, 02 Mar 2013 13:06:11 GMT)


Notification sent to Michael Tokarev <mjt@tls.msk.ru>:
Bug acknowledged by developer. (Sat, 02 Mar 2013 13:06:11 GMT)


Message #10 received at 701965-close@bugs.debian.org:

From: Michael Tokarev <mjt@tls.msk.ru>
To: 701965-close@bugs.debian.org
Subject: Bug#701965: fixed in busybox 1:1.20.0-8
Date: Sat, 02 Mar 2013 13:02:37 +0000
Source: busybox
Source-Version: 1:1.20.0-8

We believe that the bug you reported is fixed in the latest version of
busybox, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 701965@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Michael Tokarev <mjt@tls.msk.ru> (supplier of updated busybox package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)



Format: 1.8
Date: Sat, 02 Mar 2013 16:42:49 +0400
Source: busybox
Binary: busybox busybox-static busybox-udeb busybox-syslogd udhcpc udhcpd
Architecture: source all i386
Version: 1:1.20.0-8
Distribution: unstable
Urgency: low
Maintainer: Debian Install System Team <debian-boot@lists.debian.org>
Changed-By: Michael Tokarev <mjt@tls.msk.ru>
Description: 
 busybox    - Tiny utilities for small and embedded systems
 busybox-static - Standalone rescue shell with tons of builtin utilities
 busybox-syslogd - Provides syslogd and klogd using busybox
 busybox-udeb - Tiny utilities for the debian-installer (udeb)
 udhcpc     - Provides the busybox DHCP client implementation
 udhcpd     - Provides the busybox DHCP server implementation
Closes: 686502 695862 701959 701965 701968
Changes: 
 busybox (1:1.20.0-8) unstable; urgency=low
 .
   * grep-fix-grep--Fw-not-respecting-the--w-option.patch - implement
     fgrep -w correctly (Closes: #695862)
   * xz-support-concatenated-xz-streams.patch (Closes: #686502)
   * lineedit-initialize-delptr.patch - fix segfault in line editing
     facility (Closes: #701959)
   * mdev-fix-mode-of-dir1-in-=dir1-dir2-file-rule.patch - make intermediate
     dirs in /dev to be of mode 0755 not 0777 (Closes: #701965)
   * fix unaligned access macros (Closes: #701968)
     - fix-move_to_unaligned16.patch
     - xz-fix-put_unaligned_e32.patch
Checksums-Sha1: 
Checksums-Sha256: 
Files: 





Changed Bug title to 'CVE-2013-1813 busybox mdev creates deep subdirs in /dev with 0777 permissions' from 'busybox mdev creates deep subdirs in /dev with 0777 permissions'. Request was from mjt@tls.msk.ru (Michael Tokarev) to control@bugs.debian.org. (Sun, 03 Mar 2013 05:48:06 GMT)


Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Fri, 07 Jun 2013 07:35:32 GMT)




Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Wed Jun 19 15:36:46 2019; Machine Name: buxtehude
