Bug 15133

Summary: busybox new security issue CVE-2014-9645
Product: Mageia Reporter: David Walser <luigiwalser>
Component: SecurityAssignee: QA Team <qa-bugs>
Status: RESOLVED FIXED QA Contact: Sec team <security>
Severity: normal    
Priority: Normal CC: olchal, sysadmin-bugs
Version: 4Keywords: validated_update
Target Milestone: ---   
Hardware: i586   
OS: Linux   
URL: http://lwn.net/Vulnerabilities/630950/
Whiteboard: has_procedure advisory mga4-64-ok MGA4-32-OK
Source RPM: busybox-1.21.1-3.1.mga4.src.rpm CVE:
Status comment:

Description David Walser 2015-01-26 15:24:49 CET 
A CVE for an issue fixed in busybox 1.23.0 has been announced:
http://openwall.com/lists/oss-security/2015/01/26/1

Patched packages uploaded for Mageia 4 and Cauldron.

Advisory:
========================

Updated busybox packages fix security vulnerability:

The modprobe command in busybox before 1.23.0 uses the basename of the module
argument as the module to load, allowing arbitrary modules, even when some
kernel subsystems try to prevent this (CVE-2014-9645).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9645
http://openwall.com/lists/oss-security/2015/01/26/1
========================

Updated packages in core/updates_testing:
========================
busybox-1.21.1-3.2.mga4
busybox-static-1.21.1-3.2.mga4

from busybox-1.21.1-3.2.mga4.src.rpm

Reproducible: 

Steps to Reproduce:
Comment 1 claire robinson 2015-01-27 14:20:10 CET 
After update, checking busybox modprobe still works..

# busybox modprobe saa7134

# lsmod | grep saa
saa7134               186437  0 
tveeprom               21216  1 saa7134
videobuf_dma_sg        19262  1 saa7134
videobuf_core          26023  2 videobuf_dma_sg,saa7134
rc_core                28042  1 saa7134
v4l2_common            15265  1 saa7134
videodev              148922  4 saa7134,gspca_main,v4l2_common,gspca_zc3xx
i2c_core               40643  7 drm,i2c_i801,saa7134,nvidia,v4l2_common,tveeprom,videodev

# busybox modprobe saa7134_alsa

# lsmod | grep saa
saa7134_alsa           18437  0 
saa7134               186437  1 saa7134_alsa
tveeprom               21216  1 saa7134
videobuf_dma_sg        19262  2 saa7134,saa7134_alsa
videobuf_core          26023  2 videobuf_dma_sg,saa7134
rc_core                28042  1 saa7134
v4l2_common            15265  1 saa7134
videodev              148922  4 saa7134,gspca_main,v4l2_common,gspca_zc3xx
snd_pcm               107817  5 snd_usb_audio,snd_hda_codec_hdmi,snd_hda_codec,snd_hda_intel,saa7134_alsa
i2c_core               40643  7 drm,i2c_i801,saa7134,nvidia,v4l2_common,tveeprom,videodev
snd                    83535  31 snd_hda_codec_realtek,snd_usb_audio,snd_hwdep,snd_timer,snd_hda_codec_hdmi,snd_pcm,snd_rawmidi,snd_hda_codec_generic,snd_usbmidi_lib,snd_hda_codec,snd_hda_intel,snd_seq_device,saa7134_alsa

# modprobe -r saa7134_alsa
# modprobe -r saa7134

Whiteboard: (none) => has_procedure mga4-64-ok

Comment 2 olivier charles 2015-01-27 16:18:37 CET 
Testing on Mageia4x32 real hardware following procedure in Comment 1

From busybox-1.21.1-3.1.mga4
To busybox-1.21.1-3.2.mga4

All OK.

CC: (none) => olchal
Whiteboard: has_procedure mga4-64-ok => has_procedure mga4-64-ok MGA4-32-OK

Comment 3 claire robinson 2015-01-27 18:38:43 CET 
Validating. Please push to 4 updates.

Thanks

Keywords: (none) => validated_update
CC: (none) => sysadmin-bugs

Comment 4 claire robinson 2015-01-27 18:56:12 CET 
Advisory uploaded.

Whiteboard: has_procedure mga4-64-ok MGA4-32-OK => has_procedure advisory mga4-64-ok MGA4-32-OK

Comment 5 Mageia Robot 2015-01-27 22:09:07 CET 
An update for this issue has been pushed to Mageia Updates repository.

http://advisories.mageia.org/MGASA-2015-0041.html

Resolution: (none) => FIXED
Status: NEW => RESOLVED

David Walser 2015-01-28 18:49:30 CET

URL: (none) => http://lwn.net/Vulnerabilities/630950/