Debian Bug report logs - #725357
CVE-2013-4392: TOCTOU race condition when updating file permissions and SELinux security contexts
Report forwarded to debian-bugs-dist@lists.debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Debian systemd Maintainers <pkg-systemd-maintainers@lists.alioth.debian.org>: Bug#725357; Package systemd. (Fri, 04 Oct 2013 13:51:06 GMT)
Acknowledgement sent to Moritz Muehlenhoff <jmm@inutil.org>: New Bug report received and forwarded. Copy sent to team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Debian systemd Maintainers <pkg-systemd-maintainers@lists.alioth.debian.org>. (Fri, 04 Oct 2013 13:51:06 GMT)
Message #5 received at submit@bugs.debian.org:
Package: systemd
Severity: grave
Tags: security
Four security issues have been discovered in systemd by Florian Weimer:
CVE-2013-4394 [systemd: Improper sanitization of invalid XKB layouts descriptions]
https://bugzilla.redhat.com/show_bug.cgi?id=862324
http://cgit.freedesktop.org/systemd/systemd/commit/?id=0b507b17a760b21e33fc52ff377db6aa5086c680
CVE-2013-4393 [systemd: Possibility of denial of logging service by processing native messages from file]
https://bugzilla.redhat.com/show_bug.cgi?id=859104
http://cgit.freedesktop.org/systemd/systemd/commit/?id=1dfa7e79a60de680086b1d93fcc3629b463f58bd
CVE-2013-4392 [systemd: TOCTOU race condition when updating file permissions and SELinux security contexts]
https://bugzilla.redhat.com/show_bug.cgi?id=859060
No upstream fix is available, but we don't support /etc/tmpfiles.d anyway
CVE-2013-4391 [systemd: Integer overflow, leading to heap-based buffer overflow by processing native messages]
https://bugzilla.redhat.com/show_bug.cgi?id=859051
http://cgit.freedesktop.org/systemd/systemd/commit/?id=505b6a61c22d5565e9308045c7b9bf79f7d0517e
Cheers,
Moritz
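The CVE-2013-4392 title names a check-then-act race on a path. As an added C example (not from the bug report, systemd or its tmpfiles code; function names, the temporary-directory layout and the self-check are assumptions constructed for this illustration), here is the race-prone shape next to a descriptor-based variant that resolves the name exactly once, so the object that was inspected is the object that gets modified:

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Race-prone shape: inspect the path, then act on the path. Between lstat()
 * and chmod() the name can be re-pointed (rename, symlink), and chmod()
 * follows symlinks, so the mode can land on an unrelated object. */
int chmod_by_path(const char *path, mode_t mode)
{
    struct stat st;
    if (lstat(path, &st) < 0)
        return -1;
    if (!S_ISREG(st.st_mode) && !S_ISDIR(st.st_mode)) {
        errno = EINVAL;
        return -1;
    }
    return chmod(path, mode);   /* the path is resolved a second time here */
}

/* Race-free shape: resolve the name once with O_NOFOLLOW (a symlink fails
 * with ELOOP), check the type on the descriptor, then change the descriptor. */
int chmod_by_fd(const char *path, mode_t mode)
{
    int fd = open(path, O_RDONLY | O_NOFOLLOW | O_NONBLOCK | O_CLOEXEC);
    if (fd < 0)
        return -1;
    struct stat st;
    if (fstat(fd, &st) < 0) {
        close(fd);
        return -1;
    }
    if (!S_ISREG(st.st_mode) && !S_ISDIR(st.st_mode)) {
        close(fd);
        errno = EINVAL;
        return -1;
    }
    int rc = fchmod(fd, mode);
    int saved = errno;
    close(fd);
    errno = saved;
    return rc;
}

/* Self-check on a constructed temporary directory (not from the bug report).
 * Returns 1 when chmod_by_fd() refuses a symlink with ELOOP, leaves the link
 * target untouched, and applies the mode when handed the real file. */
int demo_chmod_by_fd(void)
{
    char dir[] = "/tmp/toctou-demo-XXXXXX";
    char target[64], linkpath[64];
    struct stat st;
    int ok = 0, fd;

    if (mkdtemp(dir) == NULL)
        return 0;
    snprintf(target, sizeof target, "%s/target", dir);
    snprintf(linkpath, sizeof linkpath, "%s/link", dir);

    fd = open(target, O_WRONLY | O_CREAT | O_EXCL | O_CLOEXEC, 0600);
    if (fd < 0)
        goto cleanup;
    close(fd);
    if (symlink(target, linkpath) < 0)
        goto cleanup;

    /* A symlink must be rejected, and the target must still be 0600. */
    if (chmod_by_fd(linkpath, 0644) != -1 || errno != ELOOP)
        goto cleanup;
    if (stat(target, &st) < 0 || (st.st_mode & 07777) != 0600)
        goto cleanup;

    /* The real file must be accepted and end up 0644. */
    if (chmod_by_fd(target, 0644) != 0)
        goto cleanup;
    if (stat(target, &st) < 0 || (st.st_mode & 07777) != 0644)
        goto cleanup;
    ok = 1;

cleanup:
    unlink(linkpath);
    unlink(target);
    rmdir(dir);
    return ok;
}

int main(void)
{
    printf("chmod_by_fd self-check: %s\n", demo_chmod_by_fd() ? "ok" : "FAILED");
    return 0;
}
```

The same descriptor-based discipline carries over to the SELinux half of the title: once the file is held open and type-checked, libselinux's fsetfilecon() applies the context to that descriptor rather than to a path that could be re-resolved. For detection, an audit rule on chmod/chown/setxattr calls made by the tmpfiles helper against paths under world-writable directories is the kind of signal a defender would watch for.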
Information forwarded to debian-bugs-dist@lists.debian.org, Debian systemd Maintainers <pkg-systemd-maintainers@lists.alioth.debian.org>: Bug#725357; Package systemd. (Tue, 15 Oct 2013 18:39:07 GMT)
Acknowledgement sent to Michael Biebl <biebl@debian.org>: Extra info received and forwarded to list. Copy sent to Debian systemd Maintainers <pkg-systemd-maintainers@lists.alioth.debian.org>. (Tue, 15 Oct 2013 18:39:07 GMT)
Message #10 received at 725357@bugs.debian.org:
severity 725357 normal
retitle 725357 CVE-2013-4392: TOCTOU race condition when updating file permissions and SELinux security contexts
thanks
On Fri, Oct 04, 2013 at 03:41:54PM +0200, Moritz Muehlenhoff wrote:
> Package: systemd
> Severity: grave
> Tags: security
>
> Four security issues have been discovered in systemd by Florian Weimer:
>
> CVE-2013-4394 [systemd: Improper sanitization of invalid XKB layouts descriptions]
> https://bugzilla.redhat.com/show_bug.cgi?id=862324
> http://cgit.freedesktop.org/systemd/systemd/commit/?id=0b507b17a760b21e33fc52ff377db6aa5086c680
Fixed in 204-5 and 44-11+deb7u4
> CVE-2013-4393 [systemd: Possibility of denial of logging service by processing native messages from file]
> https://bugzilla.redhat.com/show_bug.cgi?id=859104
> http://cgit.freedesktop.org/systemd/systemd/commit/?id=1dfa7e79a60de680086b1d93fcc3629b463f58bd
Fixed in 204-5 and 44-11+deb7u4
> CVE-2013-4392 [systemd: TOCTOU race condition when updating file permissions and SELinux security contexts]
> https://bugzilla.redhat.com/show_bug.cgi?id=859060
> No upstream fix is available, but we don't support /etc/tmpfiles.d anyway
We do use the tmpfiles mechanism in systemd, but the combination of both
selinux and systemd is very unlikely.
> CVE-2013-4391 [systemd: Integer overflow, leading to heap-based buffer overflow by processing native messages]
> https://bugzilla.redhat.com/show_bug.cgi?id=859051
> http://cgit.freedesktop.org/systemd/systemd/commit/?id=505b6a61c22d5565e9308045c7b9bf79f7d0517e
Fixed in 204-5 and 44-11+deb7u4
Seeing that all issues aside from CVE-2013-4392 are already fixed in sid and
the likelihood to hit CVE-2013-4392 is very minimal, I'm downgrading the
severity to normal and retitling the bug accordingly.
Michael
Severity set to 'normal' from 'grave'. Request was from Michael Biebl <biebl@debian.org> to control@bugs.debian.org. (Tue, 15 Oct 2013 18:39:10 GMT)
Changed Bug title to 'CVE-2013-4392: TOCTOU race condition when updating file permissions and SELinux security contexts' from 'systemd: Multiple security issues'. Request was from Michael Biebl <biebl@debian.org> to control@bugs.debian.org. (Tue, 15 Oct 2013 18:39:11 GMT)
Information forwarded to debian-bugs-dist@lists.debian.org, Debian systemd Maintainers <pkg-systemd-maintainers@lists.alioth.debian.org>: Bug#725357; Package systemd. (Tue, 29 Sep 2015 10:48:03 GMT)
Acknowledgement sent to Russell Coker <russell@coker.com.au>: Extra info received and forwarded to list. Copy sent to Debian systemd Maintainers <pkg-systemd-maintainers@lists.alioth.debian.org>. (Tue, 29 Sep 2015 10:48:03 GMT)
Message #21 received at 725357@bugs.debian.org:
As systemd is the default init in Jessie it's expected that most SE Linux
systems running Debian will be affected. I have been running systemd on most
of my servers since Wheezy.
--
My Main Blog http://etbe.coker.com.au/
My Documents Blog http://doc.coker.com.au/
Added tag(s) fixed-upstream. Request was from bts-link-upstream@lists.alioth.debian.org to control@bugs.debian.org. (Thu, 05 Nov 2015 16:54:23 GMT)
Removed tag(s) fixed-upstream. Request was from Michael Biebl <biebl@debian.org> to control@bugs.debian.org. (Wed, 03 Feb 2016 20:21:08 GMT)
Added tag(s) fixed-upstream. Request was from debian-bts-link@lists.debian.org to control@bugs.debian.org. (Fri, 13 Apr 2018 22:19:46 GMT)
Last modified: Wed Jun 19 16:55:35 2019