Bug 13386

Summary: cifs-utils new security issue CVE-2014-2830
Product: Mageia Reporter: David Walser <luigiwalser>
Component: SecurityAssignee: QA Team <qa-bugs>
Status: RESOLVED FIXED QA Contact: Sec team <security>
Severity: major    
Priority: Normal CC: dpremy, sysadmin-bugs, tmb
Version: 4Keywords: validated_update
Target Milestone: ---   
Hardware: i586   
OS: Linux   
URL: http://lwn.net/Vulnerabilities/598856/
Whiteboard: MGA3TOO has_procedure advisory mga3-32-ok mga3-64-ok mga4-32-ok MGA4-64-OK
Source RPM: cifs-utils-6.3-1.mga5.src.rpm CVE:
Status comment:

Description David Walser 2014-05-15 19:01:57 CEST 
Fedora has issued an advisory on May 6:
https://lists.fedoraproject.org/pipermail/package-announce/2014-May/133341.html

Fixes for this appear to be a part of this commit:
http://pkgs.fedoraproject.org/cgit/cifs-utils.git/commit/?id=8650af544c0e0f8c76b688ad85254e4d489ae5a9

Mageia 3 and Mageia 4 are also affected.

Reproducible: 

Steps to Reproduce:
David Walser 2014-05-15 19:02:17 CEST

Whiteboard: (none) => MGA4TOO, MGA3TOO

Comment 1 David Walser 2014-05-17 00:30:49 CEST 
Patched packages uploaded for Mageia 3, Mageia 4, and Cauldron.

Note that in cifs-utils 6.3 (in Cauldron) cifscreds.c from previous versions was split into cifscreds.c, cifskey.c, and pam_cifscreds.c.  The patches for 6.3 affect all three, but the main vulnerability is in cifskey.c.  In older versions, the vulnerable code is in cifscreds.c.

Advisory:
========================

Updated cifs-utils packages fix security vulnerability:

Sebastian Krahmer discovered a stack-based buffer overflow flaw in
cifscreds.c (CVE-2014-2830).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2830
https://lists.fedoraproject.org/pipermail/package-announce/2014-May/133341.html
========================

Updated packages in core/updates_testing:
========================
cifs-utils-6.0-1.1.mga3
cifs-utils-devel-6.0-1.1.mga3
cifs-utils-6.2-2.1.mga4
cifs-utils-devel-6.2-2.1.mga4

from SRPMS:
cifs-utils-6.0-1.1.mga3.src.rpm
cifs-utils-6.2-2.1.mga4.src.rpm

Version: Cauldron => 4
Assignee: bugsquad => qa-bugs
Whiteboard: MGA4TOO, MGA3TOO => MGA3TOO

Comment 2 claire robinson 2014-05-18 19:05:12 CEST 
Use to mount a samba/windows share. Test with..

# mount -t cifs //host/share /mount/point -o username=<user>,password=<passwd>

You may need to specify the host in /etc/hosts or use the ip address.

Whiteboard: MGA3TOO => MGA3TOO has_procedure

Comment 3 David Remy 2014-05-19 22:29:04 CEST 
Tested cifs-utils-6.2-2.1.mga4 on mga4 x64, all ok.

Tested cifs-utils-6.2-2.mga4 before upgrading, all worked with no issues. I could browse and copy from the cifs share without issue.

Upgraded to cifs-utils-6.2-2.1.mga4 and retried testes for browsing and file copies without issue.

CC: (none) => dpremy
Whiteboard: MGA3TOO has_procedure => MGA3TOO has_procedure mga4-64-ok

Comment 4 claire robinson 2014-05-27 16:41:44 CEST 
Testing complete mga4 32

Whiteboard: MGA3TOO has_procedure mga4-64-ok => MGA3TOO has_procedure mga4-32-ok mga4-64-ok

Comment 5 claire robinson 2014-05-27 16:45:31 CEST 
Testing complete mga3 64

Whiteboard: MGA3TOO has_procedure mga4-32-ok mga4-64-ok => MGA3TOO has_procedure mga3-64-ok mga4-32-ok mga4-64-ok

Comment 6 claire robinson 2014-05-27 16:58:09 CEST 
Testing complete mga3 32

Advisory uploaded. Validating.

Could sysadmin please push to 3 & 4 updates

Thanks

Keywords: (none) => validated_update
Whiteboard: MGA3TOO has_procedure mga3-64-ok mga4-32-ok mga4-64-ok => MGA3TOO has_procedure advisory mga3-32-ok mga3-64-ok mga4-32-ok MGA4-64-OK
CC: (none) => sysadmin-bugs

Comment 7 Thomas Backlund 2014-05-29 09:25:32 CEST 
Update pushed:
http://advisories.mageia.org/MGASA-2014-0242.html

Status: NEW => RESOLVED
CC: (none) => tmb
Resolution: (none) => FIXED