ACK: [CVE-2011-1585] cifs unprivileged remount hole
Stefan Bader
stefan.bader at canonical.com
Tue Oct 25 16:55:04 UTC 2011
On 25.10.2011 18:12, Andy Whitcroft wrote:
> CVE-2011-1585
> While a user has a CIFS share mounted that required successful
> authentication, a local, unprivileged user could mount that share
> without knowing the correct password if mount.cifs was setuid root.
>
> Fixes for this issue have hit natty, and oneiric via mainline and
> stable. Following this email are three patch sets. One for maverick
> and maverick/ti-omap4, consisting of three cherry-picks from mainline.
> Another for lucid and lucid/fsl-imx51, consisting of a simple backport
> and two cherry-picks. The last is for hardy, consisting of a single patch
> reimplementing the CVE components of these commits. The hardy patch has
> been tested to ensure it does fix the CVE issue at hand. Please review
> it carefully.
>
> Proposing for hardy, lucid, lucid/fsl-imx51, maverick and maverick/ti-omap4.
>
> -apw
>
The maverick and lucid series seem to match the upstream changes. The Hardy one
looks like it is doing the same in the helper. While I am not sure what went wrong in
the first attempts, at least I can say it seems to work in my tests (including
the prevention of the DoS for the first connection).
Signed-off-by: Stefan Bader <smb at canonical.com>