Util-Linux Umount Filesystem NULL Pointer Dereference Vulnerability
BID:22850
Info
| Bugtraq ID: | 22850 |
| Class: | Design Error |
| CVE: | CVE-2007-0822 |
| Remote: | No |
| Local: | Yes |
| Published: | Mar 07 2007 12:00AM |
| Updated: | May 23 2007 09:37PM |
| Credit: | Carlos Barros discovered this vulnerability. |
| Vulnerable: | util-linux util-linux 2.12 r; util-linux util-linux 2.12 q; Slackware Linux 10.2; Pardus Linux 2007.1; Mandriva Linux Mandrake 2006.0 x86_64; Mandriva Linux Mandrake 2006.0; Mandriva Linux Mandrake 2007.0 x86_64; Mandriva Linux Mandrake 2007.0; MandrakeSoft Corporate Server 4.0 x86_64; MandrakeSoft Corporate Server 4.0; Linux kernel 2.6.15 |
| Not Vulnerable: | |
Discussion
Util-Linux 'umount' is prone to a NULL-pointer dereference vulnerability.
A local attacker can exploit this issue to crash the affected application, denying service to legitimate users. The attacker may also be able to obtain sensitive information, including the contents of core files.
Util-Linux Umount implemented on Linux kernel 2.6.15 is reported vulnerable to this issue.
Exploit / POC
An attacker can exploit this issue using standard 'mount' and 'umount' commands.
Solution / Fix
Solution:
Specific vendors have released fixes for this issue. Please see the vendor references for details.
util-linux util-linux 2.12 q
- Mandriva losetup-2.12q-7.1.20060mdk.i586.rpm (Mandriva Linux 2006.0): http://www.mandriva.com/en/download
- Mandriva losetup-2.12q-7.1.20060mdk.x86_64.rpm (Mandriva Linux 2006.0/X86_64): http://www.mandriva.com/en/download
- Mandriva losetup-2.12q-7.1.20060mlcs4.i586.rpm (Corporate 4.0): http://www.mandriva.com/en/download
- Mandriva losetup-2.12q-7.1.20060mlcs4.x86_64.rpm (Corporate 4.0/X86_64): http://www.mandriva.com/en/download
- Mandriva mount-2.12q-7.1.20060mdk.i586.rpm (Mandriva Linux 2006.0): http://www.mandriva.com/en/download
- Mandriva mount-2.12q-7.1.20060mdk.x86_64.rpm (Mandriva Linux 2006.0/X86_64): http://www.mandriva.com/en/download
- Mandriva mount-2.12q-7.1.20060mlcs4.i586.rpm (Corporate 4.0): http://www.mandriva.com/en/download
- Mandriva mount-2.12q-7.1.20060mlcs4.x86_64.rpm (Corporate 4.0/X86_64): http://www.mandriva.com/en/download
- Mandriva util-linux-2.12q-7.1.20060mdk.i586.rpm (Mandriva Linux 2006.0): http://www.mandriva.com/en/download
- Mandriva util-linux-2.12q-7.1.20060mdk.src.rpm (Mandriva Linux 2006.0/X86_64): http://www.mandriva.com/en/download
- Mandriva util-linux-2.12q-7.1.20060mdk.src.rpm (Mandriva Linux 2006.0): http://www.mandriva.com/en/download
- Mandriva util-linux-2.12q-7.1.20060mdk.x86_64.rpm (Mandriva Linux 2006.0/X86_64): http://www.mandriva.com/en/download
- Mandriva util-linux-2.12q-7.1.20060mlcs4.i586.rpm (Corporate 4.0): http://www.mandriva.com/en/download
- Mandriva util-linux-2.12q-7.1.20060mlcs4.src.rpm (Corporate 4.0): http://www.mandriva.com/en/download
- Mandriva util-linux-2.12q-7.1.20060mlcs4.src.rpm (Corporate 4.0/X86_64): http://www.mandriva.com/en/download
- Mandriva util-linux-2.12q-7.1.20060mlcs4.x86_64.rpm (Corporate 4.0/X86_64): http://www.mandriva.com/en/download
util-linux util-linux 2.12 r
- Mandriva losetup-2.12r-8.1mdv2007.0.i586.rpm (Mandriva Linux 2007.0): http://www.mandriva.com/en/download
- Mandriva losetup-2.12r-8.1mdv2007.0.x86_64.rpm (Mandriva Linux 2007.0/X86_64): http://www.mandriva.com/en/download
- Mandriva mount-2.12r-8.1mdv2007.0.i586.rpm (Mandriva Linux 2007.0): http://www.mandriva.com/en/download
- Mandriva mount-2.12r-8.1mdv2007.0.x86_64.rpm (Mandriva Linux 2007.0/X86_64): http://www.mandriva.com/en/download
- Mandriva util-linux-2.12r-8.1mdv2007.0.i586.rpm (Mandriva Linux 2007.0): http://www.mandriva.com/en/download
- Mandriva util-linux-2.12r-8.1mdv2007.0.src.rpm (Mandriva Linux 2007.0/X86_64): http://www.mandriva.com/en/download
- Mandriva util-linux-2.12r-8.1mdv2007.0.src.rpm (Mandriva Linux 2007.0): http://www.mandriva.com/en/download
- Mandriva util-linux-2.12r-8.1mdv2007.0.x86_64.rpm (Mandriva Linux 2007.0/X86_64): http://www.mandriva.com/en/download
References
References:
- 'umount' bug (GotFault)
- umount crash and xterm (kind of) information leak! (neohapsis)
- util-linux Home Page (util-linux)