oss-sec mailing list archives
Re: [Security] CVE request: kernel: taskstats/procfs io infoleak (was: taskstats authorized_keys presence infoleak PoC)
From: Linus Torvalds <torvalds () linux-foundation org>
Date: Sun, 26 Jun 2011 19:57:23 -0700

On Fri, Jun 24, 2011 at 5:34 AM, Vasiliy Kulikov <segoon () openwall com> wrote:
> I think it needs 2 CVE, one for /proc/PID/io and another for taskstats.

Hmm. Should we just round them down to 1kB boundaries or something?

People *do* want to know about IO accounting, but I agree that giving
things at a byte granularity ends up giving way too much information.
When you can see how many bytes something read off a tty, that's a
problem.

Returning accounting information at a 1k granularity should make it
impractical to use that to guess keys etc. It still gives *some*
information (and enough for rough statistics), but it doesn't give the
level of detail required for any simple attack.

Sometimes excessive precision isn't a good thing.

Andrew - the IO_ACCT stuff went through you (back in 2006), the
taskstats did too, methinks. Comments?

                     Linus
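
The rounding proposed in the message above, as an added example (not code from this thread or from the kernel): it compares what a before/after sample of a cumulative I/O counter resolves at byte granularity and at 1kB granularity. The function names, the 1024-byte constant and the starting counter values are assumptions constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Assumption: the 1kB boundary suggested in the message above. */
#define IO_ACCT_GRANULARITY 1024u

/* Round a cumulative byte counter down to the reporting granularity. */
static uint64_t io_acct_coarsen(uint64_t bytes)
{
    return bytes - (bytes % IO_ACCT_GRANULARITY);
}

/* Change in the reported counter across one read of read_len bytes,
 * as seen by someone sampling the value before and after. */
static uint64_t observed_delta(uint64_t before, uint64_t read_len, int coarse)
{
    uint64_t after = before + read_len;

    if (!coarse)
        return after - before;
    return io_acct_coarsen(after) - io_acct_coarsen(before);
}

/* Number of different deltas an observer can tell apart when the read
 * length ranges over 1..max_len. Deltas never decrease as the length
 * grows, so counting value changes counts distinct values. */
static size_t distinguishable_lengths(uint64_t before, uint64_t max_len, int coarse)
{
    size_t distinct = 0;
    uint64_t prev = 0;

    for (uint64_t len = 1; len <= max_len; len++) {
        uint64_t d = observed_delta(before, len, coarse);
        if (distinct == 0 || d != prev)
            distinct++;
        prev = d;
    }
    return distinct;
}

int main(void)
{
    const uint64_t starts[] = { 5000, 5100 }; /* constructed values */

    for (size_t i = 0; i < sizeof(starts) / sizeof(starts[0]); i++)
        printf("start=%llu exact=%zu rounded=%zu\n", (unsigned long long)starts[i],
               distinguishable_lengths(starts[i], 64, 0),
               distinguishable_lengths(starts[i], 64, 1));
    return 0;
}
```

With rounding, a short read changes the reported value only when it happens to cross a 1kB boundary, which is the residual information the message says remains.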
