2013-10-20 20:59:39 |
Martin Carpenter |
bug |
|
|
added bug |
2013-10-23 10:56:04 |
Martin Pitt |
apport: importance |
Undecided |
High |
|
2013-10-23 10:56:04 |
Martin Pitt |
apport: status |
New |
Triaged |
|
2013-10-23 10:56:04 |
Martin Pitt |
apport: assignee |
|
Martin Pitt (pitti) |
|
2013-10-23 10:56:28 |
Martin Pitt |
bug |
|
|
added subscriber Ubuntu Security Team |
2013-10-23 10:56:35 |
Martin Pitt |
bug task added |
|
apport (Ubuntu) |
|
2013-10-23 10:56:52 |
Martin Pitt |
nominated for series |
|
Ubuntu Precise |
|
2013-10-23 10:56:52 |
Martin Pitt |
bug task added |
|
apport (Ubuntu Precise) |
|
2013-10-23 10:56:52 |
Martin Pitt |
nominated for series |
|
Ubuntu Quantal |
|
2013-10-23 10:56:52 |
Martin Pitt |
bug task added |
|
apport (Ubuntu Quantal) |
|
2013-10-23 10:56:52 |
Martin Pitt |
nominated for series |
|
Ubuntu Saucy |
|
2013-10-23 10:56:52 |
Martin Pitt |
bug task added |
|
apport (Ubuntu Saucy) |
|
2013-10-23 10:56:52 |
Martin Pitt |
nominated for series |
|
Ubuntu Lucid |
|
2013-10-23 10:56:52 |
Martin Pitt |
bug task added |
|
apport (Ubuntu Lucid) |
|
2013-10-23 10:56:52 |
Martin Pitt |
nominated for series |
|
Ubuntu Raring |
|
2013-10-23 10:56:52 |
Martin Pitt |
bug task added |
|
apport (Ubuntu Raring) |
|
2013-10-23 10:56:52 |
Martin Pitt |
nominated for series |
|
Ubuntu Trusty |
|
2013-10-23 10:56:52 |
Martin Pitt |
bug task added |
|
apport (Ubuntu Trusty) |
|
2013-10-23 10:57:02 |
Martin Pitt |
apport (Ubuntu Lucid): status |
New |
Triaged |
|
2013-10-23 10:57:04 |
Martin Pitt |
apport (Ubuntu Precise): status |
New |
Triaged |
|
2013-10-23 10:57:06 |
Martin Pitt |
apport (Ubuntu Quantal): status |
New |
Triaged |
|
2013-10-23 10:57:08 |
Martin Pitt |
apport (Ubuntu Raring): status |
New |
Triaged |
|
2013-10-23 10:57:10 |
Martin Pitt |
apport (Ubuntu Saucy): status |
New |
Triaged |
|
2013-10-23 10:57:12 |
Martin Pitt |
apport (Ubuntu Trusty): status |
New |
Triaged |
|
2013-10-23 10:57:22 |
Martin Pitt |
apport (Ubuntu Lucid): importance |
Undecided |
Low |
|
2013-10-23 10:57:24 |
Martin Pitt |
apport (Ubuntu Precise): importance |
Undecided |
Low |
|
2013-10-23 10:57:29 |
Martin Pitt |
apport (Ubuntu Precise): importance |
Low |
Medium |
|
2013-10-23 10:57:34 |
Martin Pitt |
apport (Ubuntu Quantal): importance |
Undecided |
Medium |
|
2013-10-23 10:57:35 |
Martin Pitt |
apport (Ubuntu Raring): importance |
Undecided |
Medium |
|
2013-10-23 10:57:37 |
Martin Pitt |
apport (Ubuntu Saucy): importance |
Undecided |
Medium |
|
2013-10-23 10:57:39 |
Martin Pitt |
apport (Ubuntu Trusty): importance |
Undecided |
Medium |
|
2013-10-23 11:24:14 |
Marc Deslauriers |
cve linked |
|
2013-1067 |
|
2013-10-23 15:49:19 |
Martin Pitt |
attachment added |
|
patch (and tests) for trunk https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1242435/+attachment/3888758/+files/apport.1242435.trunk.patch |
|
2013-10-23 16:04:31 |
Martin Pitt |
attachment added |
|
patch and tests backported to quantal https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1242435/+attachment/3888772/+files/apport.1242435.quantal.patch |
|
2013-10-23 16:04:58 |
Martin Pitt |
attachment added |
|
patch and tests backported to precise https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1242435/+attachment/3888773/+files/apport.1242435.precise.patch |
|
2013-10-23 16:11:24 |
Martin Pitt |
attachment added |
|
patch backported to lucid https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1242435/+attachment/3888775/+files/apport.1242435.lucid.patch |
|
2013-10-23 16:11:49 |
Martin Pitt |
apport: status |
Triaged |
In Progress |
|
2013-10-24 11:22:34 |
Marc Deslauriers |
apport (Ubuntu Trusty): assignee |
|
Martin Pitt (pitti) |
|
2013-10-24 11:22:38 |
Marc Deslauriers |
apport (Ubuntu Lucid): status |
Triaged |
Invalid |
|
2013-10-24 11:22:41 |
Marc Deslauriers |
apport (Ubuntu Precise): assignee |
|
Marc Deslauriers (mdeslaur) |
|
2013-10-24 11:22:42 |
Marc Deslauriers |
apport (Ubuntu Quantal): assignee |
|
Marc Deslauriers (mdeslaur) |
|
2013-10-24 11:22:44 |
Marc Deslauriers |
apport (Ubuntu Raring): assignee |
|
Marc Deslauriers (mdeslaur) |
|
2013-10-24 11:22:46 |
Marc Deslauriers |
apport (Ubuntu Saucy): assignee |
|
Marc Deslauriers (mdeslaur) |
|
2013-10-24 16:33:59 |
Marc Deslauriers |
information type |
Private Security |
Public Security |
|
2013-10-24 16:34:43 |
Launchpad Janitor |
apport (Ubuntu Precise): status |
Triaged |
Fix Released |
|
2013-10-24 16:34:47 |
Launchpad Janitor |
apport (Ubuntu Raring): status |
Triaged |
Fix Released |
|
2013-10-24 16:40:27 |
Launchpad Janitor |
apport (Ubuntu Saucy): status |
Triaged |
Fix Released |
|
2013-10-24 16:40:32 |
Launchpad Janitor |
apport (Ubuntu Quantal): status |
Triaged |
Fix Released |
|
2013-10-24 20:22:56 |
Ubuntu Foundations Team Bug Bot |
tags |
|
patch |
|
2013-10-25 04:17:22 |
Launchpad Janitor |
branch linked |
|
lp:apport |
|
2013-10-25 04:31:03 |
Martin Pitt |
description |
Elsewhere I have been working on a sensitive information leak via core dump generated by gcore(1).
The sensitive information in question is read by a stock setuid root binary executed by a non-privileged user. On Ubuntu Desktop fs.suid_dumpable=2. Referencing https://www.kernel.org/doc/Documentation/sysctl/fs.txt:
2 - (suidsafe) - any binary which normally would not be dumped is dumped
anyway, but only if the "core_pattern" kernel sysctl is set to
either a pipe handler or a fully qualified path. (For more details
on this limitation, see CVE-2006-2451.) This mode is appropriate
when administrators are attempting to debug problems in a normal
environment, and either have a core dump pipe handler that knows
to treat privileged core dumps with care, or specific directory
defined for catching core dumps. If a core dump happens without
a pipe handler or fully qualifid path, a message will be emitted
to syslog warning about the lack of a correct setting.
NB "treat privileged core dumps with care".
On a stock Desktop 12.04 LTS install:
kernel.core_pattern = |/usr/share/apport/apport %p %s %c
apport dutifully dumps the core and this is readable (0660, user:user) by the invoking user, whereas it should be something like 0440, root:root. I believe this to be a bug in apport. |
Elsewhere I have been working on a sensitive information leak via core dump generated by gcore(1).
The sensitive information in question is read by a stock setuid root binary executed by a non-privileged user. On Ubuntu Desktop fs.suid_dumpable=2. Referencing https://www.kernel.org/doc/Documentation/sysctl/fs.txt:
2 - (suidsafe) - any binary which normally would not be dumped is dumped
anyway, but only if the "core_pattern" kernel sysctl is set to
either a pipe handler or a fully qualified path. (For more details
on this limitation, see CVE-2006-2451.) This mode is appropriate
when administrators are attempting to debug problems in a normal
environment, and either have a core dump pipe handler that knows
to treat privileged core dumps with care, or specific directory
defined for catching core dumps. If a core dump happens without
a pipe handler or fully qualifid path, a message will be emitted
to syslog warning about the lack of a correct setting.
NB "treat privileged core dumps with care".
On a stock Desktop 12.04 LTS install:
kernel.core_pattern = |/usr/share/apport/apport %p %s %c
apport dutifully dumps the core and this is readable (0660, user:user) by the invoking user, whereas it should be something like 0440, root:root. I believe this to be a bug in apport.
TRUNK FIX: http://bazaar.launchpad.net/~apport-hackers/apport/trunk/revision/2723
Backports for older releases available as attachments here. |
|
2013-10-25 04:31:09 |
Martin Pitt |
apport: status |
In Progress |
Fix Committed |
|
2013-10-25 04:34:33 |
Martin Pitt |
apport: status |
Fix Committed |
Fix Released |
|
2013-10-25 04:44:28 |
Martin Pitt |
apport (Ubuntu Trusty): status |
Triaged |
Fix Committed |
|
2013-10-25 04:48:10 |
Martin Pitt |
bug watch added |
|
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=727661 |
|
2013-10-25 04:48:10 |
Martin Pitt |
bug task added |
|
apport (Debian) |
|
2013-10-25 05:17:46 |
Bug Watch Updater |
apport (Debian): status |
Unknown |
Confirmed |
|
2013-10-25 05:53:59 |
Launchpad Janitor |
apport (Ubuntu Trusty): status |
Fix Committed |
Fix Released |
|
2013-11-01 02:33:44 |
Bug Watch Updater |
apport (Debian): status |
Confirmed |
Fix Released |
|
2013-12-11 07:37:33 |
kitty sanders |
apport: assignee |
Martin Pitt (pitti) |
kitty sanders (towncutie2233) |
|
2013-12-11 07:46:39 |
Martin Pitt |
apport: assignee |
kitty sanders (towncutie2233) |
Martin Pitt (pitti) |
|
2014-06-07 06:22:31 |
kitty sanders |
information type |
Public Security |
Public |
|
2014-06-07 13:13:55 |
Marc Deslauriers |
information type |
Public |
Public Security |
|
2014-08-06 13:55:03 |
Launchpad Janitor |
branch linked |
|
lp:~ubuntu-core-dev/ubuntu/precise/apport/ubuntu |
|
2015-02-26 16:34:41 |
Burnz |
bug task added |
|
apport (Arch Linux) |
|