** Also affects: linux-ti-omap4 (Ubuntu Maverick)
   Importance: Undecided
       Status: New

** Changed in: linux-ec2 (Ubuntu Maverick)
       Status: New => Invalid

** Changed in: linux-lts-backport-natty (Ubuntu Maverick)
       Status: New => Invalid

** Changed in: linux-mvl-dove (Ubuntu Maverick)
       Status: New => Fix Released

** Changed in: linux-lts-backport-maverick (Ubuntu Maverick)
       Status: New => Invalid

** Changed in: linux (Ubuntu Maverick)
       Status: New => Fix Released

** Changed in: linux-ti-omap4 (Ubuntu Maverick)
       Status: New => Fix Committed

** Changed in: linux-fsl-imx51 (Ubuntu Maverick)
       Status: New => Invalid

** Description changed:

- Since a8f80e8ff94ecba629542d9b4b5f5a8ee3eb565c any process with
- CAP_NET_ADMIN may load any module from /lib/modules/.  This doesn't mean
- that CAP_NET_ADMIN is a superset of CAP_SYS_MODULE as modules are
- limited to /lib/modules/**.  However, CAP_NET_ADMIN capability shouldn't
- allow anybody load any module not related to networking.
+ Description needed
  
- This patch restricts an ability of autoloading modules to netdev modules
- with explicit aliases.  This fixes CVE-2011-1019.
- 
- Arnd Bergmann suggested to leave untouched the old pre-v2.6.32 behavior
- of loading netdev modules by name (without any prefix) for processes
- with CAP_SYS_MODULE to maintain the compatibility with network scripts
- that use autoloading netdev modules by aliases like "eth0", "wlan0".
- 
- Currently there are only three users of the feature in the upstream
- kernel: ipip, ip_gre and sit.
- 
-     root@albatros:~# capsh --drop=$(seq -s, 0 11),$(seq -s, 13 34) --
-     root@albatros:~# grep Cap /proc/$$/status
-     CapInh: 0000000000000000
-     CapPrm: fffffff800001000
-     CapEff: fffffff800001000
-     CapBnd: fffffff800001000
-     root@albatros:~# modprobe xfs
-     FATAL: Error inserting xfs
-     (/lib/modules/2.6.38-rc6-00001-g2bf4ca3/kernel/fs/xfs/xfs.ko): Operation
- not permitted
-     root@albatros:~# lsmod | grep xfs
-     root@albatros:~# ifconfig xfs
-     xfs: error fetching interface information: Device not found
-     root@albatros:~# lsmod | grep xfs
-     root@albatros:~# lsmod | grep sit
-     root@albatros:~# ifconfig sit
-     sit: error fetching interface information: Device not found
-     root@albatros:~# lsmod | grep sit
-     root@albatros:~# ifconfig sit0
-     sit0      Link encap:IPv6-in-IPv4
-        NOARP  MTU:1480  Metric:1
- 
-     root@albatros:~# lsmod | grep sit
-     sit                    10457  0
-     tunnel4                 2957  1 sit
- 
- For CAP_SYS_MODULE module loading is still relaxed:
- 
-         root@albatros:~# grep Cap /proc/$$/status
-         CapInh:       0000000000000000
-         CapPrm:       ffffffffffffffff
-         CapEff:       ffffffffffffffff
-         CapBnd:       ffffffffffffffff
-         root@albatros:~# ifconfig xfs
-         xfs: error fetching interface information: Device not found
-         root@albatros:~# lsmod | grep xfs
-         xfs                   745319  0
-     
-     Reference: https://lkml.org/lkml/2011/2/24/203
-     
-     [PG: in 2.6.34, the bare MODULE_ALIAS for ipip/tunl0 and ip_gre/gre0
-     didn't exist, but this adds the limited scope MODULE_ALIAS_NETDEV ones]
+ Break-Fix: - 8909c9ad8ff03611c9c96c9a92656213e4bb495b
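
Review bot: the added "Break-Fix:" line leaves its first field as "-", while the removed text names a8f80e8ff94ecba629542d9b4b5f5a8ee3eb565c as the commit since which any process with CAP_NET_ADMIN may load any module from /lib/modules/. If that is the introducing commit, record it in that field. Replacing the whole explanation with "Description needed" also drops the only statement of the issue and the capsh/ifconfig reproduction from this record; keep at least the one-line summary that autoloading is restricted to netdev modules with explicit aliases.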

** Also affects: linux (Ubuntu Hardy)
   Importance: Undecided
       Status: New

** Also affects: linux-ec2 (Ubuntu Hardy)
   Importance: Undecided
       Status: New

** Also affects: linux-fsl-imx51 (Ubuntu Hardy)
   Importance: Undecided
       Status: New

** Also affects: linux-linaro (Ubuntu Hardy)
   Importance: Undecided
       Status: New

** Also affects: linux-lts-backport-maverick (Ubuntu Hardy)
   Importance: Undecided
       Status: New

** Also affects: linux-lts-backport-natty (Ubuntu Hardy)
   Importance: Undecided
       Status: New

** Also affects: linux-mvl-dove (Ubuntu Hardy)
   Importance: Undecided
       Status: New

** Also affects: linux-qcm-msm (Ubuntu Hardy)
   Importance: Undecided
       Status: New

** Also affects: linux-ti-omap4 (Ubuntu Hardy)
   Importance: Undecided
       Status: New

** Also affects: linux (Ubuntu Lucid)
   Importance: Undecided
       Status: New

** Also affects: linux-ec2 (Ubuntu Lucid)
   Importance: Undecided
       Status: New

** Also affects: linux-fsl-imx51 (Ubuntu Lucid)
   Importance: Undecided
       Status: New

** Also affects: linux-linaro (Ubuntu Lucid)
   Importance: Undecided
       Status: New

** Also affects: linux-lts-backport-maverick (Ubuntu Lucid)
   Importance: Undecided
       Status: New

** Also affects: linux-lts-backport-natty (Ubuntu Lucid)
   Importance: Undecided
       Status: New

** Also affects: linux-mvl-dove (Ubuntu Lucid)
   Importance: Undecided
       Status: New

** Also affects: linux-qcm-msm (Ubuntu Lucid)
   Importance: Undecided
       Status: New

** Also affects: linux-ti-omap4 (Ubuntu Lucid)
   Importance: Undecided
       Status: New

** Also affects: linux (Ubuntu Natty)
   Importance: Undecided
       Status: New

** Also affects: linux-ec2 (Ubuntu Natty)
   Importance: Undecided
       Status: New

** Also affects: linux-fsl-imx51 (Ubuntu Natty)
   Importance: Undecided
       Status: New

** Also affects: linux-linaro (Ubuntu Natty)
   Importance: Undecided
       Status: New

** Also affects: linux-lts-backport-maverick (Ubuntu Natty)
   Importance: Undecided
       Status: New

** Also affects: linux-lts-backport-natty (Ubuntu Natty)
   Importance: Undecided
       Status: New

** Also affects: linux-mvl-dove (Ubuntu Natty)
   Importance: Undecided
       Status: New

** Also affects: linux-qcm-msm (Ubuntu Natty)
   Importance: Undecided
       Status: New

** Also affects: linux-ti-omap4 (Ubuntu Natty)
   Importance: Undecided
       Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/804366

Title:
  CVE-2011-1019
