GLSA
Advocate
Joined: 12 May 2004
Posts: 2663
|
 Posted: Fri Dec 02, 2016 2:26 pm Post subject: [ GLSA 201612-02 ] DavFS2 |
 |
|
Gentoo Linux Security Advisory
Title: DavFS2: Local privilege escalation (GLSA 201612-02)
Severity: normal
Exploitable: local
Date: December 02, 2016
Bug(s): #485232
ID: 201612-02
Synopsis
A vulnerability in DavFS2 allows local users to gain root
privileges.
Background
DavFS2 is a file system driver that allows you to mount a WebDAV server
as a local disk drive.
Affected Packages
Package: net-fs/davfs2
Vulnerable: < 1.5.2
Unaffected: >= 1.5.2
Architectures: All supported architectures
Description
DavFS2 installs “/usr/sbin/mount.davfs” as setuid root. This utility
uses “system()” to call “/sbin/modprobe”.
While the call to “modprobe” itself cannot be manipulated, a local
authenticated user can set the “MODPROBE_OPTIONS” environment
variable to pass a user controlled path, allowing the loading of an
arbitrary kernel module.
Impact
A local user could gain root privileges.
Workaround
The system administrator should ensure that all modules the
“mount.davfs” utility tries to load are loaded upon system boot
before any local user can call the utility.
An additional defense measure can be implemented by enabling the Linux
kernel module signing feature. This assists in the prevention of
arbitrary modules being loaded.
Resolution
All DavFS2 users should upgrade to the latest version: | Code: | # emerge --sync
# emerge --ask --oneshot --verbose ">=net-fs/davfs2-1.5.2"
|
References
CVE-2013-4362 |
|
News & Announcements
