CERT-In Vulnerability Note CIVN-2009-39
Linux Kernel Information Disclosure and Security Bypass Vulnerabilities
Original Issue Date: March 27, 2009
Severity Rating: Medium
Systems Affected
Overview
Some vulnerabilities have been reported in the Linux Kernel, which could allow local users to disclose potentially sensitive information or to bypass certain security restrictions.
Description
1. eCryptfs headers Information Disclosure Vulnerability
(CVE-2009-0787)
This vulnerability is caused by the ecryptfs_write_metadata_to_contents() function in eCryptfs using an incorrect size when writing kernel memory to an eCryptfs file header, which triggers an out-of-bounds read. A local attacker could exploit this vulnerability to disclose certain kernel memory.
Note: This vulnerability affects Linux Kernel 2.6.28.x before 2.6.28.9 only.
2. nfsd 'CAP_MKNOD' Security Bypass Vulnerability
(CVE-2009-1072)
This vulnerability exists due to nfsd not properly dropping the "CAP_MKNOD" capability for unprivileged users, which can be exploited to create device nodes.
Solution
Update to version 2.6.28.9 or later
ChangeLog-2.6.28.9
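The following check is an added example, not part of the CERT-In note or of kernel.org material. It classifies a kernel release string against the versions stated above; the function name kernel_status and its output labels are hypothetical. It assumes upstream kernel.org version numbering.

```shell
#!/bin/sh
# Added example: classify a kernel release string against the versions
# given in this note. kernel_status and its labels are hypothetical names.
# Only upstream version numbers are compared. Distribution kernels may
# carry backported fixes without changing the base version, so confirm
# the result against the vendor's own advisory.

kernel_status() {
    rel=${1:-$(uname -r)}
    ver=${rel%%[!0-9.]*}      # drop suffixes such as "-generic" or "-rc3"
    case $ver in
        [0-9]*.[0-9]*) ;;
        *) echo unparsed; return 2 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $ver               # split on dots; ver holds only digits and dots
    IFS=$old_ifs
    a=${1:-0}; b=${2:-0}; c=${3:-0}; d=${4:-0}

    # Compare (a,b,c,d) with the fixed release 2.6.28.9, most significant
    # field first.
    cmp=0
    for pair in "$a:2" "$b:6" "$c:28" "$d:9"; do
        have=${pair%%:*}; want=${pair##*:}
        if [ "$have" -lt "$want" ]; then cmp=-1; break; fi
        if [ "$have" -gt "$want" ]; then cmp=1; break; fi
    done

    if [ "$cmp" -ge 0 ]; then
        echo fixed-version-or-later
    elif [ "$a.$b.$c" = "2.6.28" ]; then
        # 2.6.28.x before 2.6.28.9: the range the note gives for CVE-2009-0787
        echo ecryptfs-range
    else
        # Older series: below the version named under Solution; the note
        # limits CVE-2009-0787 to 2.6.28.x and gives no range for CVE-2009-1072
        echo older-than-fixed-version
    fi
}
```

Source the file and call kernel_status with no argument to check the running kernel, or pass a release string collected from an inventory.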
Vendor Information
kernel.org
http://www.kernel.org/
References
kernel.org
http://www.kernel.org/
ISS X-Force Database
http://xforce.iss.net/xforce/xfdb/49355
http://xforce.iss.net/xforce/xfdb/49356
SecurityFocus
http://www.securityfocus.com/bid/34216
Secunia
http://secunia.com/advisories/34422
http://secunia.com/advisories/34432
CVE Name
CVE-2009-0787
CVE-2009-1072
Disclaimer
The information provided herein is on "as is" basis, without warranty of any kind.
Contact Information

Phone: +91-11-24368572
Postal address
Indian Computer Emergency Response Team (CERT-In)
Ministry of Communications and Information Technology
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003
