Re: CVE Request: cronie fd leak

[Sebastian Krahmer <krahmer () suse de>]

Hi,

Possible that you have got a different cron implementation.

There is no hidden info in our bugzilla; the reproducer
is using lvm commands, but I remember it worked with any
command. Actually its not about the warnings, a "cat" will probably
also do, if you check its /proc/$pid/fd when its invoked.
But cat doesnt emit warnings about open fd's.

Not sure about upstream, probably not.

regards,
Sebastian


On Tue, Jan 08, 2013 at 09:01:19PM -0700, Vincent Danen wrote:
> * [2013-01-08 13:56:40 +0100] Sebastian Krahmer wrote:
>
> > "Hello Kurt, Steve, vendors,"
> >
> > cronie leaks read-only fd's, please check here:
> >
> > https://bugzilla.novell.com/show_bug.cgi?id=786096
> >
> > can someone assign a CVE?
>
> Sebastian, do you have a specific command that you're using?  I'm trying
> to reproduce this in Fedora and RHEL using lvdisplay (maybe a bad
> choice?) and also using "lvm vgck -v vg_thor && lvm pvs" in
> /etc/crontab.
>
> The output is mailed to me fine with no warnings?  Can you share what
> command was being used to reproduce this?  It's possible that something
> you added (or we added) makes this a non-issue on other platforms.
>
> Has upstream been informed of this yet?
>
> -- 
> Vincent Danen / Red Hat Security Response Team 

-- 

~ perl self.pl
~ $_='print"\$_=\47$_\47;eval"';eval
~ krahmer () suse de - SuSE Security Team