Test for CVE-2011-1020 fails 50% of the time
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
linux-ec2 (Ubuntu) |
Invalid
|
Undecided
|
Unassigned |
Bug Description
While testing linux-image-ec2 2.6.32-318.38 (see tracking bug 837804) this test seems to fail around 50% of the time.
This is a m1.large image, AMD64. Output collected:
/proc/$pid/ DAC bypass on setuid (CVE-2011-1020) ... FAIL
=======
FAIL: /proc/$pid/ DAC bypass on setuid (CVE-2011-1020)
-------
Traceback (most recent call last):
File "./test-
self.
File "/home/
self.
AssertionError: Got exit code 10. Looking for text "[<"
Command: 'sudo', '-u', 'ubuntu', 'sh', '-c', 'echo '' | ./dac-bypass.py stack'
Output:
(current) UNIX password: passwd: Authentication token manipulation error
passwd: password unchanged
Changing password for ubuntu.
[<fffffffffffff
# RUN 2
=======
FAIL: /proc/$pid/ DAC bypass on setuid (CVE-2011-1020)
-------
Traceback (most recent call last):
File "./test-
self.
File "/home/
self.
AssertionError: Got exit code 10. Looking for text "[<"
Command: 'sudo', '-u', 'ubuntu', 'sh', '-c', 'echo '' | ./dac-bypass.py stack'
Output:
(current) UNIX password: passwd: Authentication token manipulation error
passwd: password unchanged
Changing password for ubuntu.
[<ffffffff81100
[<ffffffff81100
[<ffffffff81101
[<ffffffff81009
[<fffffffffffff
[<ffffffff810ff
[<ffffffff81100
[<ffffffff81100
[<ffffffff81101
[<ffffffff81009
[<fffffffffffff
[<fffffffffffff
-------
# RUN 4
=======
FAIL: /proc/$pid/ DAC bypass on setuid (CVE-2011-1020)
-------
Traceback (most recent call last):
File "./test-
self.
File "/home/
self.
AssertionError: Got exit code 10. Looking for text "[<"
Command: 'sudo', '-u', 'ubuntu', 'sh', '-c', 'echo '' | ./dac-bypass.py stack'
Output:
(current) UNIX password: passwd: Authentication token manipulation error
passwd: password unchanged
Changing password for ubuntu.
[<ffffffff810ff
[<ffffffff81100
[<ffffffff81100
[<ffffffff81101
[<ffffffff81009
[<fffffffffffff
# RUN 8
-------
=======
FAIL: /proc/$pid/ DAC bypass on setuid (CVE-2011-1020)
-------
Traceback (most recent call last):
File "./test-
self.
File "/home/
self.
AssertionError: Got exit code 10. Looking for text "[<"
Command: 'sudo', '-u', 'ubuntu', 'sh', '-c', 'echo '' | ./dac-bypass.py stack'
Output:
(current) UNIX password: passwd: Authentication token manipulation error
passwd: password unchanged
Changing password for ubuntu.
[<fffffffffffff
-------
# RUN 9
=======
FAIL: /proc/$pid/ DAC bypass on setuid (CVE-2011-1020)
-------
Traceback (most recent call last):
File "./test-
self.
File "/home/
self.
AssertionError: Got exit code 10. Looking for text "[<"
Command: 'sudo', '-u', 'ubuntu', 'sh', '-c', 'echo '' | ./dac-bypass.py stack'
Output:
(current) UNIX password: passwd: Authentication token manipulation error
passwd: password unchanged
Changing password for ubuntu.
[<fffffffffffff
-------
# RUN 10
=======
FAIL: /proc/$pid/ DAC bypass on setuid (CVE-2011-1020)
-------
Traceback (most recent call last):
File "./test-
self.
File "/home/
self.
AssertionError: Got exit code 10. Looking for text "[<"
Command: 'sudo', '-u', 'ubuntu', 'sh', '-c', 'echo '' | ./dac-bypass.py stack'
Output:
(current) UNIX password: passwd: Authentication token manipulation error
passwd: password unchanged
Changing password for ubuntu.
[<ffffffff810ff
[<ffffffff81100
[<ffffffff810ea
[<fffffffffffff
-------
#
ProblemType: Bug
DistroRelease: Ubuntu 10.04
Package: linux-image-
ProcVersionSign
Uname: Linux 2.6.32-318-ec2 x86_64
Architecture: amd64
Date: Fri Sep 2 23:35:41 2011
Ec2AMI: ami-a3a764ca
Ec2AMIManifest: ubuntu-
Ec2Availability
Ec2InstanceType: m1.large
Ec2Kernel: aki-427d952b
Ec2Ramdisk: unavailable
ProcEnviron:
LC_TIME=en_DK.utf8
LANG=en_US.UTF-8
SHELL=/bin/bash
SourcePackage: linux-ec2
Closing that outdated report as EOL has been reached long time ago