oss-sec mailing list archives
CVE ASSIGNMENT CORRECTION -- USE CVE-2011-3590 instead of CVE-2011-2390 [was: Re: [oss-security] kexec-tools: Multiple security flaws by management of kdump core files and ramdisk images]
From: Jan Lieskovsky <jlieskov () redhat com>
Date: Mon, 10 Oct 2011 15:12:39 +0200
Hello vendors, 1) apologize for capital letters in the subject. Just wanted this message not to be overlooked, since it's important. On 10/05/2011 04:34 AM, Huzaifa Sidhpurwala wrote:
Hi All, Kevan Carstensen reported multiple security flaws in kexec-tools, details are as follows: 1. CVE-2011-3588: The default value of "StrictHostKeyChecking=no" has been used for kdump/ mkdumprd openssh integration. A remote malicious kdump server could use this flaw to impersonate the intended, correct kdump server to obtain security sensitive information (kdump core files). 2. CVE-2011-3589 mkdumprd utility copied content of certain directories into newly created initial ramdisk images, potentially leading to information leak. 3. CVE-2011-2390
2) Due to a mistake, an incorrect CVE identifier of CVE-2011-2390 wasused here / in the previous post. The proper one should be CVE-2011-3590, as detailed here:
[1] https://bugzilla.redhat.com/show_bug.cgi?id=716439#c61 Since there are some incorrect references present in the public already: [2] http://www.securityfocus.com/bid/49944/info we wanted to kindly ask you to update your entries. CVE-2011-2390 is NOT the correct one, please use CVE-2011-3590 identifier to reference the following security flaw: 3. kdump/mkdumprd copies all the .ssh keys of root user on the vmcore file. This may include keys which are not-required and may be confidential to the root user also. in the kexec-tools package. Apologize to all of the affected parties for the inconvenience. Thank you && Regards, Jan. -- Jan iankko Lieskovsky / Red Hat Security Response Team
mkdumprd utility created the final initial ramdisk image with world-readable permissions, possibly leading to information leak. Reference: https://bugzilla.redhat.com/show_bug.cgi?id=716439
Current thread:
- kexec-tools: Multiple security flaws by management of kdump core files and ramdisk images Huzaifa Sidhpurwala (Oct 04)
- Re: kexec-tools: Multiple security flaws by management of kdump core files and ramdisk images akuster (Oct 05)
- Re: kexec-tools: Multiple security flaws by management of kdump core files and ramdisk images Huzaifa Sidhpurwala (Oct 07)
- CVE ASSIGNMENT CORRECTION -- USE CVE-2011-3590 instead of CVE-2011-2390 [was: Re: [oss-security] kexec-tools: Multiple security flaws by management of kdump core files and ramdisk images] Jan Lieskovsky (Oct 10)
- Re: kexec-tools: Multiple security flaws by management of kdump core files and ramdisk images akuster (Oct 05)