Gentoo Archives: gentoo-announce

From: Aaron Bauman <bman@g.o>
To: gentoo-announce@l.g.o
Subject: [gentoo-announce] [ GLSA 201804-18 ] tenshi: Privilege escalation
Date: Sun, 22 Apr 2018 22:53:13
Message-Id: 20180422223759.GD16878@monkey
1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
2 Gentoo Linux Security Advisory GLSA 201804-18
3 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
4 https://security.gentoo.org/
5 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
6
7 Severity: Normal
8 Title: tenshi: Privilege escalation
9 Date: April 22, 2018
10 Bugs: #626654
11 ID: 201804-18
12
13 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
14
15 Synopsis
16 ========
17
18 Gentoo's tenshi ebuild is vulnerable to privilege escalation due to the
19 way pid files are handled.
20
21 Background
22 ==========
23
24 A log monitoring program, designed to watch one or more log files for
25 lines matching user defined regular expressions and report on the
26 matches.
27
28 Affected packages
29 =================
30
31 -------------------------------------------------------------------
32 Package / Vulnerable / Unaffected
33 -------------------------------------------------------------------
34 1 app-admin/tenshi < 0.17 >= 0.17
35
36 Description
37 ===========
38
39 It was discovered that the tenshi ebuild creates a tenshi.pid file
40 after dropping privileges to a non-root account.
41
42 Impact
43 ======
44
45 A local attacker could escalate privileges to root or kill arbitrary
46 processes.
47
48 Workaround
49 ==========
50
51 There is no known workaround at this time.
52
53 Resolution
54 ==========
55
56 All tenshi users should upgrade to the latest version:
57
58 # emerge --sync
59 # emerge --ask --oneshot --verbose ">=app-admin/tenshi-0.17"
60
61 References
62 ==========
63
64 [ 1 ] CVE-2017-11746
65 https://nvd.nist.gov/vuln/detail/CVE-2017-11746
66
67 Availability
68 ============
69
70 This GLSA and any updates to it are available for viewing at
71 the Gentoo Security Website:
72
73 https://security.gentoo.org/glsa/201804-18
74
75 Concerns?
76 =========
77
78 Security is a primary focus of Gentoo Linux and ensuring the
79 confidentiality and security of our users' machines is of utmost
80 importance to us. Any security concerns should be addressed to
81 security@g.o or alternatively, you may file a bug at
82 https://bugs.gentoo.org.
83
84 License
85 =======
86
87 Copyright 2018 Gentoo Foundation, Inc; referenced text
88 belongs to its owner(s).
89
90 The contents of this document are licensed under the
91 Creative Commons - Attribution / Share Alike license.
92
93 https://creativecommons.org/licenses/by-sa/2.5

Attachments

File name MIME type
signature.asc application/pgp-signature