oss-sec mailing list archives
kexec-tools: Multiple security flaws by management of kdump core files and ramdisk images
From: Huzaifa Sidhpurwala <huzaifas () redhat com>
Date: Wed, 05 Oct 2011 08:04:19 +0530
Hi All,

Kevan Carstensen reported multiple security flaws in kexec-tools; details are as follows:

1. CVE-2011-3588: The default value of "StrictHostKeyChecking=no" has been used for kdump/mkdumprd openssh integration. A remote malicious kdump server could use this flaw to impersonate the intended, correct kdump server to obtain security sensitive information (kdump core files).

2. CVE-2011-3589: mkdumprd utility copied content of certain directories into newly created initial ramdisk images, potentially leading to information leak.

3. CVE-2011-2390: mkdumprd utility created the final initial ramdisk image with world-readable permissions, possibly leading to information leak.

Reference: https://bugzilla.redhat.com/show_bug.cgi?id=716439

--
Huzaifa Sidhpurwala / Red Hat Security Response Team
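
A defender-side check for items 1 and 3 of the message above, as an added example that is not part of the original post or of kexec-tools. The function names and the `image:` / `sshopts:` argument prefixes are assumptions made for this sketch, and every path is supplied by the caller.

```bash
#!/bin/bash
# Added audit sketch: every path is supplied by the caller; none comes from
# kexec-tools or from the advisory.

# Finding (exit 0) when FILE has the "other" read bit set: the world-readable
# ramdisk image condition of item 3.
is_world_readable() {
    [ -n "$(find "$1" -prune -perm -004 -print 2>/dev/null)" ]
}

# Finding (exit 0) when FILE has an uncommented ssh option setting
# StrictHostKeyChecking to "no" ("key value" or "key=value"; item 1).
# OpenSSH treats the keyword case-insensitively, hence grep -i.
disables_hostkey_check() {
    grep -Eiq '^[^#]*stricthostkeychecking[[:space:]=]+"?no([^[:alnum:]]|$)' "$1"
}

# Usage: audit_kdump image:PATH ... sshopts:PATH ...
# Prints one line per finding; the return status is the number of findings.
audit_kdump() {
    local arg findings=0
    for arg in "$@"; do
        case $arg in
            image:*)
                if is_world_readable "${arg#image:}"; then
                    echo "FINDING world-readable ramdisk image: ${arg#image:}"
                    findings=$((findings + 1))
                fi ;;
            sshopts:*)
                if disables_hostkey_check "${arg#sshopts:}"; then
                    echo "FINDING StrictHostKeyChecking=no in: ${arg#sshopts:}"
                    findings=$((findings + 1))
                fi ;;
            *)
                echo "unknown argument: $arg" >&2
                return 255 ;;
        esac
    done
    return "$findings"
}

# Run the audit when the script is invoked with arguments.
if [ "$#" -gt 0 ]; then
    audit_kdump "$@"
fi
```

An image finding is cleared by removing the other-read bit from the ramdisk image (for example mode 0600); an ssh finding is cleared by pre-provisioning the dump server's host key in known_hosts and setting StrictHostKeyChecking=yes.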
Current thread:
- kexec-tools: Multiple security flaws by management of kdump core files and ramdisk images Huzaifa Sidhpurwala (Oct 04)
- Re: kexec-tools: Multiple security flaws by management of kdump core files and ramdisk images akuster (Oct 05)
- Re: kexec-tools: Multiple security flaws by management of kdump core files and ramdisk images Huzaifa Sidhpurwala (Oct 07)
- CVE ASSIGNMENT CORRECTION -- USE CVE-2011-3590 instead of CVE-2011-2390 [was: Re: [oss-security] kexec-tools: Multiple security flaws by management of kdump core files and ramdisk images] Jan Lieskovsky (Oct 10)
- Re: kexec-tools: Multiple security flaws by management of kdump core files and ramdisk images akuster (Oct 05)