kexec-tools: Multiple security flaws by management of kdump core files and ramdisk images
From: Huzaifa Sidhpurwala <huzaifas () redhat com>
Date: Wed, 05 Oct 2011 08:04:19 +0530
Kevan Carstensen reported multiple security flaws in kexec-tools,
details are as follows:

The default value of "StrictHostKeyChecking=no" has been used for
kdump/mkdumprd OpenSSH integration. A remote malicious kdump server could
use this flaw to impersonate the intended, correct kdump server to obtain
security sensitive information (kdump core files).

The mkdumprd utility copied the contents of certain directories into newly
created initial ramdisk images, potentially leading to an information leak.

The mkdumprd utility created the final initial ramdisk image with
world-readable permissions, possibly leading to an information leak.

Huzaifa Sidhpurwala / Red Hat Security Response Team
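
An audit sketch for the first and third flaws above, added here as an example and not code from kexec-tools or Red Hat: it flags a ramdisk image that carries the others-read permission bit and script lines that pass StrictHostKeyChecking=no to ssh. The function names and the paths passed in are assumptions; no kexec-tools file locations are implied.

```shell
#!/bin/sh
# Added audit sketch. All paths are supplied by the caller; none are
# taken from kexec-tools itself.

# Succeeds (exit 0) when FILE carries the others-read permission bit.
world_readable() {
    [ -n "$(find "$1" -prune -perm -004 -print 2>/dev/null)" ]
}

# Prints "lineno:text" for each non-comment line in FILE that disables
# SSH host key verification. Exit status is non-zero when nothing is found.
weak_hostkey_lines() {
    grep -niE 'StrictHostKeyChecking[[:space:]=]+no([^[:alnum:]]|$)' "$1" 2>/dev/null |
        grep -vE '^[0-9]+:[[:space:]]*#'
}

# audit_kdump IMAGE [SCRIPT...]
# Reports findings on stdout; returns 1 if there was at least one, else 0.
audit_kdump() {
    image=$1
    shift
    status=0
    if world_readable "$image"; then
        echo "FINDING: $image is readable by all local users"
        status=1
    fi
    for script in "$@"; do
        hits=$(weak_hostkey_lines "$script") || continue
        echo "FINDING: $script disables host key verification:"
        echo "$hits" | sed 's/^/    /'
        status=1
    done
    return "$status"
}

# Stand-alone use: sh audit.sh IMAGE [SCRIPT...]
if [ "$#" -gt 0 ]; then
    audit_kdump "$@"
fi
```
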