Debian Bug report logs - #601305
kfreebsd-8: pseudofs null ptr dereference exploit


Package: kfreebsd-7; Maintainer for kfreebsd-7 is (unknown);

Reported by: Michael Gilbert <michael.s.gilbert@gmail.com>

Date: Mon, 25 Oct 2010 02:27:01 UTC

Severity: serious

Tags: security

Found in version 7.0-1

Fixed in versions 7.3-1, 7.3-7+rm

Done: Debian FTP Masters <ftpmaster@ftp-master.debian.org>

Bug is archived. No further changes may be made.



Report forwarded to debian-bugs-dist@lists.debian.org, GNU/kFreeBSD Maintainers <debian-bsd@lists.debian.org>:
Bug#601305; Package kfreebsd-7. (Mon, 25 Oct 2010 02:27:04 GMT)

Acknowledgement sent to Michael Gilbert <michael.s.gilbert@gmail.com>:
New Bug report received and forwarded. Copy sent to GNU/kFreeBSD Maintainers <debian-bsd@lists.debian.org>. (Mon, 25 Oct 2010 02:27:04 GMT)

Message #5 received at submit@bugs.debian.org:

From: Michael Gilbert <michael.s.gilbert@gmail.com>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: kfreebsd-8: pseudofs null ptr dereference exploit
Date: Sun, 24 Oct 2010 22:23:48 -0400

package: kfreebsd-7
version: 7.3-7
severity: serious
tags: security

another freebsd privilege escalation has been disclosed:
http://www.exploit-db.com/exploits/15206/

this seems different than the recent CVE advisories.  i haven't
checked any of this, but they claim 7.0-7.2 are affected and don't
mention 8, so who knows if it's affected.  all of this should be
checked.

thanks,
mike




Information forwarded to debian-bugs-dist@lists.debian.org, GNU/kFreeBSD Maintainers <debian-bsd@lists.debian.org>:
Bug#601305; Package kfreebsd-7. (Mon, 25 Oct 2010 05:03:02 GMT)

Acknowledgement sent to Petr Salinger <Petr.Salinger@seznam.cz>:
Extra info received and forwarded to list. Copy sent to GNU/kFreeBSD Maintainers <debian-bsd@lists.debian.org>. (Mon, 25 Oct 2010 05:03:03 GMT)

Message #10 received at 601305@bugs.debian.org:

From: Petr Salinger <Petr.Salinger@seznam.cz>
To: Michael Gilbert <michael.s.gilbert@gmail.com>, 601305@bugs.debian.org
Subject: Re: Bug#601305: kfreebsd-8: pseudofs null ptr dereference exploit
Date: Mon, 25 Oct 2010 06:59:58 +0200 (CEST)

On Sun, 24 Oct 2010, Michael Gilbert wrote:

> package: kfreebsd-7
> version: 7.3-7
> severity: serious
> tags: security
>
> another freebsd privilege escalation has been disclosed:
> http://www.exploit-db.com/exploits/15206/
>
> this seems different than the recent CVE advisories.  i haven't
> checked any of this, but they claim 7.0-7.2 are affected and don't
> mention 8, so who knows if it's affected.  all of this should be
> checked.

It looks like http://seclists.org/fulldisclosure/2010/Sep/107

The bug was fixed in the following commit:

http://svn.freebsd.org/viewvc/base?view=revision&revision=196689

Nevertheless it was not recognized as a security vulnerability.
The following versions are vulnerable:

7.0-RELEASE
7.1-RELEASE
7.2-RELEASE
8.0-RELEASE (system crash only)

Not vulnerable versions:

6.x-RELEASE
7.3-RELEASE
8.1-RELEASE
7-STABLE and 8-STABLE after 05/09/2009




Bug Marked as found in versions 7.0-1. Request was from Michael Gilbert <michael.s.gilbert@gmail.com> to control@bugs.debian.org. (Mon, 25 Oct 2010 15:27:05 GMT)

Bug No longer marked as found in versions 7.3-7. Request was from Michael Gilbert <michael.s.gilbert@gmail.com> to control@bugs.debian.org. (Mon, 25 Oct 2010 15:27:05 GMT)

Bug Marked as fixed in versions 7.3-1. Request was from Michael Gilbert <michael.s.gilbert@gmail.com> to control@bugs.debian.org. (Mon, 25 Oct 2010 15:27:06 GMT)

Reply sent to Debian FTP Masters <ftpmaster@ftp-master.debian.org>:
You have taken responsibility. (Fri, 17 Jun 2011 11:20:21 GMT)

Notification sent to Michael Gilbert <michael.s.gilbert@gmail.com>:
Bug acknowledged by developer. (Fri, 17 Jun 2011 11:20:23 GMT)

Message #21 received at 601305-done@bugs.debian.org:

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: 322197-done@bugs.debian.org,353302-done@bugs.debian.org,357021-done@bugs.debian.org,460331-done@bugs.debian.org,477588-done@bugs.debian.org,550429-done@bugs.debian.org,551702-done@bugs.debian.org,559107-done@bugs.debian.org,593699-done@bugs.debian.org,594287-done@bugs.debian.org,601305-done@bugs.debian.org,
Cc: kfreebsd-7@packages.debian.org, kfreebsd-7@packages.qa.debian.org
Subject: Bug#630694: Removed package(s) from unstable
Date: Fri, 17 Jun 2011 11:15:01 +0000
Version: 7.3-7+rm

Dear submitter,

as the package kfreebsd-7 has just been removed from the Debian archive
unstable we hereby close the associated bug reports.  We are sorry
that we couldn't deal with your issue properly.

For details on the removal, please see http://bugs.debian.org/630694

The version of this package that was in Debian prior to this removal
can still be found using http://snapshot.debian.org/.

This message was generated automatically; if you believe that there is
a problem with it please contact the archive administrators by mailing
ftpmaster@debian.org.

Debian distribution maintenance software
pp.
Alexander Reichle-Schmehl (the ftpmaster behind the curtain)




Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Sat, 16 Jul 2011 07:33:51 GMT)


Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Fri Apr 18 03:26:35 2014; Machine Name: beach.debian.org
