← Back to team overview

ecryptfs team mailing list archive

  1. ecryptfs team
  2. Mailing list archive
  3. Message #01880

[Bug 732628] Re: TOCTOU in mount.ecryptfs_private

  Thread PreviousDate PreviousThread Next 
This bug was fixed in the package linux - 2.6.38-11.50

---------------
linux (2.6.38-11.50) natty-proposed; urgency=low

  [Herton R. Krzesinski]

  * Release Tracking Bug
    - LP: #848246

  [ Upstream Kernel Changes ]

  * Revert "eCryptfs: Handle failed metadata read in lookup"
  * Revert "KVM: fix kvmclock regression due to missing clock update"
  * Revert "ath9k: use split rx buffers to get rid of order-1 skb
    allocations"

linux (2.6.38-11.49) natty-proposed; urgency=low

  [Herton R. Krzesinski]

  * Release Tracking Bug
    - LP: #836903

  [ Adam Jackson ]

  * SAUCE: drm/i915/pch: Fix integer math bugs in panel fitting
    - LP: #753994

  [ Keng-Yu Lin ]

  * SAUCE: Input: ALPS - Enable Intellimouse mode for Lenovo Zhaoyang E47
    - LP: #632884, #803005

  [ Stefan Bader ]

  * [Config] Force perf to use libiberty for demangling
    - LP: #783660

  [ Tim Gardner ]

  * [Config] Add enic/fnic to udebs
    - LP: #801610

  [ Upstream Kernel Changes ]

  * eeepc-wmi: add keys found on EeePC 1215T
    - LP: #812644
  * eCryptfs: Handle failed metadata read in lookup
    - LP: #509180
  * pagemap: close races with suid execve, CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020
  * report errors in /proc/*/*map* sanely, CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020
  * close race in /proc/*/environ, CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020
  * auxv: require the target to be tracable (or yourself), CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020
  * deal with races in /proc/*/{syscall, stack, personality}, CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020
  * vmscan: fix a livelock in kswapd
    - LP: #813797
  * mmc: Add PCI fixup quirks for Ricoh 1180:e823 reader
    - LP: #773524
  * mmc: Added quirks for Ricoh 1180:e823 lower base clock frequency
    - LP: #773524
  * rose: Add length checks to CALL_REQUEST parsing, CVE-2011-1493
    - LP: #816550
    - CVE-2011-1493
  * pata_marvell: Add support for 88SE91A0, 88SE91A4
    - LP: #777325
  * GFS2: make sure fallocate bytes is a multiple of blksize, CVE-2011-2689
    - LP: #819572
    - CVE-2011-2689
  * Bluetooth: l2cap and rfcomm: fix 1 byte infoleak to userspace.
    - LP: #819569
    - CVE-2011-2492
  * drm/nv50-nvc0: work around an evo channel hang that some people see
    - LP: #583760
  * KVM: fix kvmclock regression due to missing clock update
    - LP: #795717
  * Add mount option to check uid of device being mounted = expect uid,
    CVE-2011-1833
    - LP: #732628
    - CVE-2011-1833
  * proc: fix oops on invalid /proc/<pid>/maps access, CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020
  * ipv6: make fragment identifications less predictable, CVE-2011-2699
    - LP: #827685
    - CVE-2011-2699
  * ath9k: use split rx buffers to get rid of order-1 skb allocations
    - LP: #728835
  * perf: Fix software event overflow, CVE-2011-2918
    - LP: #834121
    - CVE-2011-2918
 -- Herton Ronaldo Krzesinski <herton.krzesinski@xxxxxxxxxxxxx>   Mon, 12 Sep 2011 17:23:38 -0300

** Changed in: linux (Ubuntu Natty)
       Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of eCryptfs,
which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/732628

Title:
  TOCTOU in mount.ecryptfs_private

Status in eCryptfs - Enterprise Cryptographic Filesystem:
  Fix Released
Status in “ecryptfs-utils” package in Ubuntu:
  Fix Released
Status in “linux” package in Ubuntu:
  Fix Released
Status in “linux-ec2” package in Ubuntu:
  Invalid
Status in “linux-fsl-imx51” package in Ubuntu:
  Invalid
Status in “linux-linaro” package in Ubuntu:
  New
Status in “linux-lts-backport-maverick” package in Ubuntu:
  Invalid
Status in “linux-lts-backport-natty” package in Ubuntu:
  Invalid
Status in “linux-mvl-dove” package in Ubuntu:
  Invalid
Status in “linux-qcm-msm” package in Ubuntu:
  Invalid
Status in “linux-source-2.6.15” package in Ubuntu:
  Invalid
Status in “linux-ti-omap” package in Ubuntu:
  Invalid
Status in “linux-ti-omap4” package in Ubuntu:
  Fix Committed
Status in “ecryptfs-utils” source package in Lucid:
  Fix Released
Status in “linux” source package in Lucid:
  Fix Committed
Status in “linux-ec2” source package in Lucid:
  Fix Committed
Status in “linux-fsl-imx51” source package in Lucid:
  Fix Released
Status in “linux-linaro” source package in Lucid:
  New
Status in “linux-lts-backport-maverick” source package in Lucid:
  Fix Committed
Status in “linux-lts-backport-natty” source package in Lucid:
  Fix Committed
Status in “linux-mvl-dove” source package in Lucid:
  Fix Committed
Status in “linux-qcm-msm” source package in Lucid:
  Invalid
Status in “linux-source-2.6.15” source package in Lucid:
  Invalid
Status in “linux-ti-omap” source package in Lucid:
  Invalid
Status in “linux-ti-omap4” source package in Lucid:
  Invalid
Status in “ecryptfs-utils” source package in Maverick:
  Fix Released
Status in “linux” source package in Maverick:
  Fix Committed
Status in “linux-ec2” source package in Maverick:
  Invalid
Status in “linux-fsl-imx51” source package in Maverick:
  Invalid
Status in “linux-linaro” source package in Maverick:
  New
Status in “linux-lts-backport-maverick” source package in Maverick:
  Invalid
Status in “linux-lts-backport-natty” source package in Maverick:
  Invalid
Status in “linux-mvl-dove” source package in Maverick:
  Fix Committed
Status in “linux-qcm-msm” source package in Maverick:
  Invalid
Status in “linux-source-2.6.15” source package in Maverick:
  Invalid
Status in “linux-ti-omap” source package in Maverick:
  Invalid
Status in “linux-ti-omap4” source package in Maverick:
  Fix Released
Status in “ecryptfs-utils” source package in Natty:
  Fix Released
Status in “linux” source package in Natty:
  Fix Released
Status in “linux-ec2” source package in Natty:
  Invalid
Status in “linux-fsl-imx51” source package in Natty:
  Invalid
Status in “linux-linaro” source package in Natty:
  New
Status in “linux-lts-backport-maverick” source package in Natty:
  Invalid
Status in “linux-lts-backport-natty” source package in Natty:
  Invalid
Status in “linux-mvl-dove” source package in Natty:
  Invalid
Status in “linux-qcm-msm” source package in Natty:
  Invalid
Status in “linux-source-2.6.15” source package in Natty:
  Invalid
Status in “linux-ti-omap” source package in Natty:
  Invalid
Status in “linux-ti-omap4” source package in Natty:
  Fix Released
Status in “ecryptfs-utils” source package in Oneiric:
  Fix Released
Status in “linux” source package in Oneiric:
  Fix Released
Status in “linux-ec2” source package in Oneiric:
  Invalid
Status in “linux-fsl-imx51” source package in Oneiric:
  Invalid
Status in “linux-linaro” source package in Oneiric:
  New
Status in “linux-lts-backport-maverick” source package in Oneiric:
  Invalid
Status in “linux-lts-backport-natty” source package in Oneiric:
  Invalid
Status in “linux-mvl-dove” source package in Oneiric:
  Invalid
Status in “linux-qcm-msm” source package in Oneiric:
  Invalid
Status in “linux-source-2.6.15” source package in Oneiric:
  Invalid
Status in “linux-ti-omap” source package in Oneiric:
  Invalid
Status in “linux-ti-omap4” source package in Oneiric:
  Fix Committed
Status in “ecryptfs-utils” source package in Hardy:
  Invalid
Status in “linux” source package in Hardy:
  Invalid
Status in “linux-ec2” source package in Hardy:
  Invalid
Status in “linux-fsl-imx51” source package in Hardy:
  Invalid
Status in “linux-linaro” source package in Hardy:
  New
Status in “linux-lts-backport-maverick” source package in Hardy:
  Invalid
Status in “linux-lts-backport-natty” source package in Hardy:
  Invalid
Status in “linux-mvl-dove” source package in Hardy:
  Invalid
Status in “linux-qcm-msm” source package in Hardy:
  Invalid
Status in “linux-source-2.6.15” source package in Hardy:
  Invalid
Status in “linux-ti-omap” source package in Hardy:
  Invalid
Status in “linux-ti-omap4” source package in Hardy:
  Invalid
Status in “ecryptfs-utils” package in Debian:
  New
Status in “ecryptfs-utils” package in Fedora:
  New

Bug description:
  check_ownerships() function doesn't work as it should because of a
  race condition. Arguments of both mount() and umount() calls can be
  changed between the check and the usage. This may lead to arbitrary
  mount point umounting or probably to gaining ability to try
  passphrases of otherpeople's ecryptfs storages. lock_counter() is also
  racy. It (1) tries to check existance and ownership of the file before
  open(), (2) neither use stat() instead of lstat() nor O_NOFOLLOW, (3)
  is not protected against deletion of the lock file by the owner. The
  lock file should be probably created in root only writable directory
  before dropping EUID.

  Break-Fix: 237fead619984cc48818fe12ee0ceada3f55b012
  764355487ea220fdc2faf128d577d7f679b91f97

To manage notifications about this bug go to:
https://bugs.launchpad.net/ecryptfs/+bug/732628/+subscriptions

References

  Thread PreviousDate PreviousThread Next