Bug 21085 - CVE-2009-1894
Summary: CVE-2009-1894
Status: CLOSED NOTABUG
Alias: None
Product: Branch 4.1
Classification: Distributions
Component: pulseaudio (show other bugs)
Version: unspecified
Hardware: all Linux
: P3 normal
Assignee: Sergey Bolshakov
QA Contact: qa-4.1@altlinux.org
URL: http://cve.mitre.org/cgi-bin/cvename....
Keywords:
Depends on:
Blocks:
 
Reported: 2009-08-16 03:06 MSD by Igor Zubkov
Modified: 2009-08-16 16:54 MSD (History)
2 users (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Igor Zubkov 2009-08-16 03:06:49 MSD 
Race condition in PulseAudio 0.9.9, 0.9.10, and 0.9.14 allows local users to gain privileges via vectors involving creation of a hard link, related to the application setting LD_BIND_NOW to 1, and then calling execv on the target of the /proc/self/exe symlink.
Comment 1 AEN 2009-08-16 03:20:49 MSD 
(В ответ на комментарий №0)
> Race condition in PulseAudio 0.9.9, 0.9.10, and 0.9.14 
0.9.10 в бранче 4.1, другие бранчи и Сизиф не подвержены.
Comment 2 Sergey Bolshakov 2009-08-16 14:19:42 MSD 
описанный сценарий возможен, если на pulseaudio установить suid bit,
в пакете его там нет.