[Git][security-tracker-team/security-tracker][master] Add CVE-2020-11935/aufs
Salvatore Bonaccorso
carnil at debian.org
Tue Jun 30 21:25:05 BST 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
dc9ba41f by Salvatore Bonaccorso at 2020-06-30T22:22:24+02:00
Add CVE-2020-11935/aufs
Technically if there would not be stretch the issue could be marked as
unimportant. The issue is exploitable if the kernel has CONFIG_IMA
enabled. CONFIG_IMA was enabled at some point including up to stretch
but later on reverted. Both buster and (current) unstable src:linux do
not have CONFIG_IMA enabled.
Still src:aufs should ideally be fixed, for buster enough in a point
release.
For stretch the situation is more complex, as many other (security
relevant) aufs issues have never been fixed. It might be worth marking
the version in stretch as end-of-life.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -8435,6 +8435,15 @@ CVE-2020-11936
RESERVED
CVE-2020-11935
RESERVED
+ - aufs <unfixed>
+ [buster] - aufs <no-dsa> (Minor issue; CONFIG_IMA not enabled in kernel; can be fixed via point release))
+ [stretch] - aufs <ignored> (Minor issue; too many other aufs issues open)
+ NOTE: To exploit the issue CONFIG_IMA in Kernel needs to be enabled.
+ NOTE: linux/4.9.y had the config enabled, but was disabled in later versions
+ NOTE: including linux/4.19.y.
+ NOTE: https://sourceforge.net/p/aufs/mailman/message/37048642/
+ NOTE: https://github.com/sfjro/aufs4-linux/commit/515a586eeef31e0717d5dea21e2c11a965340b3c
+ NOTE: https://github.com/sfjro/aufs4-linux/commit/f10aea57d39d6cd311312e9e7746804f7059b5c8
CVE-2020-11934
RESERVED
CVE-2020-11933
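Review bot: The added [buster] line ends with a doubled closing parenthesis ("can be fixed via point release))"); drop the extra ")" so the parenthesised reason is balanced. On the [stretch] line, the reason given for <ignored> is "too many other aufs issues open", while the commit message suggests it might be worth marking the stretch version as end-of-life; if that is the intended outcome, the <end-of-life> tag would state it more directly than <ignored>. The NOTE about linux/4.9.y would also read more clearly as "but it was disabled in later versions, including linux/4.19.y."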
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dc9ba41f0e260357ed5a2df5e3d99fc6db74005d