Home page logo
/

oss-sec logo oss-sec mailing list archives

kexec-tools: Multiple security flaws by management of kdump core files and ramdisk images
From: Huzaifa Sidhpurwala <huzaifas () redhat com>
Date: Wed, 05 Oct 2011 08:04:19 +0530

Hi All,

Kevan Carstensen reported multiple security flaws in kexec-tools, details are as follows:

1. CVE-2011-3588:

The default value of "StrictHostKeyChecking=no" has been used for kdump/ mkdumprd openssh integration. A remote malicious kdump server could use this flaw to impersonate the intended, correct kdump server to obtain security sensitive information (kdump core files).

2. CVE-2011-3589

mkdumprd utility copied content of certain directories into newly created initial ramdisk images, potentially leading to information leak.

3. CVE-2011-2390

mkdumprd utility created the final initial ramdisk image with world-readable permissions, possibly leading to information leak.

Reference:
https://bugzilla.redhat.com/show_bug.cgi?id=716439


--
Huzaifa Sidhpurwala / Red Hat Security Response Team


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]