NetworkManager temporary file races (CVE-2016-0764)



Hi,

today we've discovered and fixed a temporary file race flaw that could
enable an unprivileged authenticated local user to read out connection
secrets (e.g. a VPN or Wi-Fi password) while the connection is being
saved.

It's fairly unlikely for this to happen as there's no way to force
another user to save their connection.


The problem affects all supported NetworkManager releases (and
unsupported ones, as it dates way back to before the 0.7.x series).
The fix will be included in the next NetworkManager release (not
scheduled yet and no hurry either given the fairly low severity).

Just in case anyone would wish to backport the fixes, it's these
commits:

master: 60b7ed3bdc3941a3b7c56824fba4b7291e79041f [1]
1.0.x: 38ad5c9f3ace1e5578727c9de74b45346ea0a00e [2]

[1] http://cgit.freedesktop.org/NetworkManager/NetworkManager/commit/?id=60b7ed3bdc3941a3b7c56824fba4b7291e79041f
[2] http://cgit.freedesktop.org/NetworkManager/NetworkManager/commit/?h=nm-1-0&id=38ad5c9f3ace1e5578727c9de74b45346ea0a00e

Take care!

Lubo

