Nom du paquet
util-linux
Date
2005-09-20
Advisory ID
MDKSA-2005:167
Affected versions
MNF2.0 i586 , 10.2 x86_64 , CS2.1 x86_64 , 10.0 amd64 , 10.2 i586 , 10.1 i586 , 10.0 i586 , CS3.0 x86_64 , CS3.0 i586 , CS2.1 i586 , 10.1 x86_64

Problem description

David Watson disovered that the umount utility, when using the "-r" cpmmand, could remove some restrictive mount options such as "nosuid". IF /etc/fstab contained user-mountable removable devices that specified nosuid, a local attacker could exploit this flaw to execute arbitrary programs with root privileges by calling "umount -r" on a removable device. The updated packages have been patched to ensure that "-r" can only be called by the root user.

Updated packages

MNF2.0 i586

 765b0e93637cce9d5b623a81bdc81e6e  mnf/2.0/RPMS/losetup-2.12-2.1.M20mdk.i586.rpm
782d8a37c484ab76ae766dddcce2173e  mnf/2.0/RPMS/mount-2.12-2.1.M20mdk.i586.rpm
d6f35d4ccdb1cb9dcd21218ca5d6da72  mnf/2.0/RPMS/util-linux-2.12-2.1.M20mdk.i586.rpm
360a0c2f0e8d383b09a7eb44d1e654a2  mnf/2.0/SRPMS/util-linux-2.12-2.1.M20mdk.src.rpm

10.2 x86_64

 73e23481f84309a90b99394468885e20  x86_64/10.2/RPMS/losetup-2.12a-12.1.102mdk.x86_64.rpm
8dc01cc71d8b32fbba41d1936c861534  x86_64/10.2/RPMS/mount-2.12a-12.1.102mdk.x86_64.rpm
441ce68e9e3b07c807bb5486adde1903  x86_64/10.2/RPMS/util-linux-2.12a-12.1.102mdk.x86_64.rpm
2bedcdeed443ed6438f290dff54038b5  x86_64/10.2/SRPMS/util-linux-2.12a-12.1.102mdk.src.rpm

CS2.1 x86_64

 141b7b38947d1fd2ef4088ba20e093f1  x86_64/corporate/2.1/RPMS/losetup-2.11u-5.1.C21mdk.x86_64.rpm
ddb3ee3ebe56b399ff881806f9cd8832  x86_64/corporate/2.1/RPMS/mount-2.11u-5.1.C21mdk.x86_64.rpm
a61050516b99231bca46507fa94aa5e8  x86_64/corporate/2.1/RPMS/util-linux-2.11u-5.1.C21mdk.x86_64.rpm
b1d2f438863cd5c807548ec4209b0179  x86_64/corporate/2.1/SRPMS/util-linux-2.11u-5.1.C21mdk.src.rpm

10.0 amd64

 1c972124af9eba5acc9691931e5629c8  amd64/10.0/RPMS/losetup-2.12-2.1.100mdk.amd64.rpm
2a0367d603f4c8e893e7f0ec158132e5  amd64/10.0/RPMS/mount-2.12-2.1.100mdk.amd64.rpm
4fe57def6145640a886feb35deb77a6d  amd64/10.0/RPMS/util-linux-2.12-2.1.100mdk.amd64.rpm
0c84336fe4e647fe4b35686e6e938a8f  amd64/10.0/SRPMS/util-linux-2.12-2.1.100mdk.src.rpm

10.2 i586

 8314ea4ec99e8e603fb2da6941aae1d9  10.2/RPMS/losetup-2.12a-12.1.102mdk.i586.rpm
2a8a83e0e36295db943fc51a4aee863f  10.2/RPMS/mount-2.12a-12.1.102mdk.i586.rpm
01a4abab8ec329a29cf2310d8ee006d9  10.2/RPMS/util-linux-2.12a-12.1.102mdk.i586.rpm
2bedcdeed443ed6438f290dff54038b5  10.2/SRPMS/util-linux-2.12a-12.1.102mdk.src.rpm

10.1 i586

 658b5ee36c137e2533397ac71aa86e0e  10.1/RPMS/losetup-2.12a-5.1.101mdk.i586.rpm
b15ae4dbd367fcd46e38d418bb3d1a86  10.1/RPMS/mount-2.12a-5.1.101mdk.i586.rpm
701b35a4588f4ce5879b651724f72a1d  10.1/RPMS/util-linux-2.12a-5.1.101mdk.i586.rpm
f1bbf1462e0f0987ce110388bd2e8d48  10.1/SRPMS/util-linux-2.12a-5.1.101mdk.src.rpm

10.0 i586

 e28c42b0a18bf906ea339ffeb02d3320  10.0/RPMS/losetup-2.12-2.1.100mdk.i586.rpm
6dd9d97f688ab7b872dba55b9c427935  10.0/RPMS/mount-2.12-2.1.100mdk.i586.rpm
b23bbbec6f75fbe1f2137f1335f782f9  10.0/RPMS/util-linux-2.12-2.1.100mdk.i586.rpm
0c84336fe4e647fe4b35686e6e938a8f  10.0/SRPMS/util-linux-2.12-2.1.100mdk.src.rpm

CS3.0 x86_64

 3d96c512a6eaf548bef73c7fc3db5012  x86_64/corporate/3.0/RPMS/losetup-2.12-2.1.C30mdk.x86_64.rpm
21d37d4ebb7943cf412a3bb423808fc5  x86_64/corporate/3.0/RPMS/mount-2.12-2.1.C30mdk.x86_64.rpm
75fa21eea372a790a6f1c3a8a120cb7e  x86_64/corporate/3.0/RPMS/util-linux-2.12-2.1.C30mdk.x86_64.rpm
28f6b881c65662695c84ac100ea9d012  x86_64/corporate/3.0/SRPMS/util-linux-2.12-2.1.C30mdk.src.rpm

CS3.0 i586

 bbcce593f1b51833383997590a13b834  corporate/3.0/RPMS/losetup-2.12-2.1.C30mdk.i586.rpm
bb38ae724541d9c73ac64d382d4839e8  corporate/3.0/RPMS/mount-2.12-2.1.C30mdk.i586.rpm
55420d5f1fa9c7cc7f6e42f61c0428fc  corporate/3.0/RPMS/util-linux-2.12-2.1.C30mdk.i586.rpm
28f6b881c65662695c84ac100ea9d012  corporate/3.0/SRPMS/util-linux-2.12-2.1.C30mdk.src.rpm

CS2.1 i586

 d560b7038ca8ae848b24414858fac1ef  corporate/2.1/RPMS/losetup-2.11u-5.1.C21mdk.i586.rpm
81bf701d8b8129c0809c37205d4fbad0  corporate/2.1/RPMS/mount-2.11u-5.1.C21mdk.i586.rpm
321463758b000a1e7348111f7bea2959  corporate/2.1/RPMS/util-linux-2.11u-5.1.C21mdk.i586.rpm
b1d2f438863cd5c807548ec4209b0179  corporate/2.1/SRPMS/util-linux-2.11u-5.1.C21mdk.src.rpm

10.1 x86_64

 fbd4672670283fd495a652d0338467d4  x86_64/10.1/RPMS/losetup-2.12a-5.1.101mdk.x86_64.rpm
b1773a98c38538db35e2c4fd8aa5e100  x86_64/10.1/RPMS/mount-2.12a-5.1.101mdk.x86_64.rpm
8a4e15cdaaa7efe10c7830a9cda27523  x86_64/10.1/RPMS/util-linux-2.12a-5.1.101mdk.x86_64.rpm
f1bbf1462e0f0987ce110388bd2e8d48  x86_64/10.1/SRPMS/util-linux-2.12a-5.1.101mdk.src.rpm

References