oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: CVE request: kernel: a collection of world-writable debugfs bugs

From: Eugene Teo <eugene () redhat com>
Date: Wed, 23 Feb 2011 11:26:18 +0800
On 02/22/2011 09:01 PM, Josh Bressers wrote:

Do we know the affected versions? This probably won't be 20 IDs,
but I suspect it won't be one either.
Just some, not all, since not all the patches listed here affect Red Hat and I do not think I want to go through them again. Other vendors affected by these can provide their inputs.
I read some interesting discussions on LKML. These require debugfs to be mounted on a local system. It is usually not mounted by default, and you would not want to mount it on a production system unless you really have to use the kernel tracer, etc. 

----- Original Message -----
> > There are 20 patches here - some are accepted, some are probably
> > pending. All from Vasiliy Kulikov.
> >
> > [PATCH 01/20] mach-omap2: mux: world-writable debugfs files
> > https://lkml.org/lkml/2011/2/4/66 arm arch
> >
> > [PATCH 02/20] mach-omap2: pm: world-writable debugfs timer files
> > https://lkml.org/lkml/2011/2/4/67 arm arch
> >
> > [PATCH 03/20] mach-omap2: smartreflex: world-writable debugfs voltage
> > files
> > https://lkml.org/lkml/2011/2/4/68 arm arch
> >
> > [PATCH 04/20] mach-ux500: mbox-db5500: world-writable sysfs fifo file
> > https://lkml.org/lkml/2011/2/4/69 arm arch
> >
> > [PATCH 05/20] leds: lp5521: world-writable sysfs engine* files
> > https://lkml.org/lkml/2011/2/4/70
> >
> > [PATCH 06/20] leds: lp5523: world-writable engine* sysfs files
> > https://lkml.org/lkml/2011/2/4/81
> >
> > [PATCH 07/20] video: sn9c102: world-wirtable sysfs files
> > https://lkml.org/lkml/2011/2/4/85
> >
> > [PATCH 08/20] mfd: ab3100: world-writable debugfs *_priv files
> > https://lkml.org/lkml/2011/2/4/82
> >
> > [PATCH 09/20] mfd: ab3500: world-writable debugfs register-* files
> > https://lkml.org/lkml/2011/2/4/84

introduced in 09bcb3f3 v2.6.35-rc1

> > [PATCH 10/20] mfd: ab8500: world-writable debugfs register-* files
> > https://lkml.org/lkml/2011/2/4/71

introduced in 5814fc35 v2.6.37-rc1

> > [PATCH 11/20] misc: ep93xx_pwm: world-writable sysfs files
> > https://lkml.org/lkml/2011/2/4/83
> >
> > [PATCH 12/20] net: can: at91_can: world-writable sysfs files
> > https://lkml.org/lkml/2011/2/4/80
> > fef52b0171dfd7dd9b85c9cc201bd433b42a8ded

introduced in 3a5655a5 v2.6.38-rc3

> > [PATCH 13/20] net: can: janz-ican3: world-writable sysfs termination
> > file
> > https://lkml.org/lkml/2011/2/4/72
> > 1e6d93e45b231b3ae87c01902ede2315aacfe976
> >
> > [PATCH 14/20] platform: x86: acer-wmi: world-writable sysfs threeg
> > file
> > https://lkml.org/lkml/2011/2/4/79
> > b80b168f918bba4b847e884492415546b340e19d
> >
> > [PATCH 15/20] platform: x86: asus_acpi: world-writable procfs files
> > https://lkml.org/lkml/2011/2/4/73
> > 8040835760adf0ef66876c063d47f79f015fb55d
> >
> > [PATCH 16/20] platform: x86: tc1100-wmi: world-writable sysfs wireless
> > and jogdial files
> > https://lkml.org/lkml/2011/2/4/78
> > 8a6a142c1286797978e4db266d22875a5f424897
> >
> > [PATCH 17/20] rtc: rtc-ds1511: world-writable sysfs nvram file
> > https://lkml.org/lkml/2011/2/4/74
> >
> > [PATCH 18/20] scsi: aic94xx: world-writable sysfs update_bios file
> > https://lkml.org/lkml/2011/2/4/75
> >
> > [PATCH 19/20] scsi: iscsi: world-writable sysfs priv_sess file
> > https://lkml.org/lkml/2011/2/4/76

introduced in fe4f0bde v2.6.36-rc1

> > [PATCH 20/20] fs: ubifs: world-writable debugfs dump_* files
> > https://lkml.org/lkml/2011/2/4/77

--
Eugene Teo / Red Hat Security Response Team
Previous By Date Next
Previous By Thread Next

Current thread: