touch-packages team mailing list archive
Message #113963
[Bug 1509752] Re: Bug in ensure_not_symlink() from 0003-CVE-2015-1335.patch
Apparently the kernel is now fixed so that we should be able to use the
upstream fix. I'm going to try to get that into the trusty package
rather than keep tweaking this separate patch.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to lxc in Ubuntu.
https://bugs.launchpad.net/bugs/1509752
Title:
Bug in ensure_not_symlink() from 0003-CVE-2015-1335.patch
Status in lxc package in Ubuntu:
Confirmed
Bug description:
This bug/limitation is present in lxc from 1.0.7-0ubuntu0.5 through
1.0.7-0ubuntu0.9 (or anything that incorporates
0003-CVE-2015-1335.patch). Basically, the limitation is obvious when
using recursive bind mounts because ensure_not_symlink() only checks
the last line of /proc/self/mountinfo which will be a submount so will
always fail the test and trigger:
ensure_not_symlink: 1413 Mount onto /usr/lib/x86_64-linux-gnu/lxc/storage resulted in /usr/lib/x86_64-linux-gnu/lxc/storage/submount, not /usr/lib/x86_64-linux-gnu/lxc/storage
Sorry if this is a duplicate, I did spend quite some time trying to
find a similar report.
Thanks!
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1509752/+subscriptions
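The failure described in the bug report, reproduced on constructed mountinfo text as an added example (this is not the code from 0003-CVE-2015-1335.patch and not the upstream fix). last_entry_is() models the last-line comparison the report describes; tail_is_target_tree() is a hypothetical alternative, and all function names and sample entries are assumptions.

```c
#include <stdio.h>
#include <string.h>

/* Constructed mountinfo text (not captured): recursive bind onto TARGET. */
#define TARGET "/usr/lib/x86_64-linux-gnu/lxc/storage"
static const char RBIND[] =
    "22 1 8:1 / / rw - ext4 /dev/sda1 rw\n"
    "90 22 8:1 /srv/data " TARGET " rw - ext4 /dev/sda1 rw\n"
    "91 90 8:2 / " TARGET "/submount rw - ext4 /dev/sdb1 rw\n";
/* Constructed: the same mount landed on another path instead. */
static const char ELSEWHERE[] =
    "90 22 8:1 /srv/data /opt/other rw - ext4 /dev/sda1 rw\n"
    "91 90 8:2 / /opt/other/submount rw - ext4 /dev/sdb1 rw\n";

/* Copy field 5 (the mount point) of one mountinfo line into mp. */
static int mount_point(const char *line, char mp[4096]) {
    return sscanf(line, "%*s %*s %*s %*s %4095s", mp) == 1;
}

/* The check as the bug report describes it: compare only the last entry. */
int last_entry_is(const char *info, const char *target) {
    char mp[4096];
    const char *line = info, *nl;
    while ((nl = strchr(line, '\n')) && nl[1])
        line = nl + 1;
    return mount_point(line, mp) && strcmp(mp, target) == 0;
}

/* Hypothetical alternative: the trailing entries must be the target followed
 * only by mounts beneath it (assumes new mounts are listed last). */
int tail_is_target_tree(const char *info, const char *target) {
    char mp[4096];
    size_t n = strlen(target);
    int ok = 0;
    for (const char *line = info; *line; ) {
        if (!mount_point(line, mp))
            return 0;
        /* Stay valid only on the target itself or, once seen, beneath it. */
        ok = !strcmp(mp, target) ||
             (ok && !strncmp(mp, target, n) && mp[n] == '/');
        line += strcspn(line, "\n");
        line += (*line == '\n');
    }
    return ok;
}

int main(void) {
    printf("rbind: last=%d tail=%d; elsewhere: tail=%d\n", last_entry_is(RBIND, TARGET),
           tail_is_target_tree(RBIND, TARGET), tail_is_target_tree(ELSEWHERE, TARGET));
}
```

On the recursive bind sample the last-entry comparison rejects a mount that did land on the intended path, which is the false failure reported above, while a mount that ended up on a different path is still rejected by the tail check.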