diff options
Diffstat (limited to 'gnu/packages/patches/util-linux-CVE-2021-3996.patch')
| -rw-r--r-- | gnu/packages/patches/util-linux-CVE-2021-3996.patch | 233 |
1 files changed, 0 insertions, 233 deletions
diff --git a/gnu/packages/patches/util-linux-CVE-2021-3996.patch b/gnu/packages/patches/util-linux-CVE-2021-3996.patch deleted file mode 100644 index 59edf5c7cfc..00000000000 --- a/gnu/packages/patches/util-linux-CVE-2021-3996.patch +++ /dev/null @@ -1,233 +0,0 @@ -Fix CVE-2021-3996: - -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3996 -https://seclists.org/oss-sec/2022/q1/66 - -Patch copied from upstream source repository: - -https://github.com/util-linux/util-linux/commit/018a10907fa9885093f6d87401556932c2d8bd2b - -From 018a10907fa9885093f6d87401556932c2d8bd2b Mon Sep 17 00:00:00 2001 -From: Karel Zak <kzak@redhat.com> -Date: Tue, 4 Jan 2022 10:54:20 +0100 -Subject: [PATCH] libmount: fix (deleted) suffix issue [CVE-2021-3996] - -This issue is related to parsing the /proc/self/mountinfo file allows an -unprivileged user to unmount other user's filesystems that are either -world-writable themselves or mounted in a world-writable directory. - -The support for "(deleted)" is no more necessary as the Linux kernel does -not use it in /proc/self/mountinfo and /proc/self/mount files anymore. - -Signed-off-by: Karel Zak <kzak@redhat.com> ---- - libmount/src/tab_parse.c | 5 ----- - tests/expected/findmnt/filter-options | 1 - - tests/expected/findmnt/filter-options-nameval-neg | 3 +-- - tests/expected/findmnt/filter-types-neg | 1 - - tests/expected/findmnt/outputs-default | 3 +-- - tests/expected/findmnt/outputs-force-tree | 3 +-- - tests/expected/findmnt/outputs-kernel | 3 +-- - tests/expected/libmount/tabdiff-mount | 1 - - tests/expected/libmount/tabdiff-move | 1 - - tests/expected/libmount/tabdiff-remount | 1 - - tests/expected/libmount/tabdiff-umount | 1 - - tests/expected/libmount/tabfiles-parse-mountinfo | 11 ----------- - tests/expected/libmount/tabfiles-py-parse-mountinfo | 11 ----------- - tests/ts/findmnt/files/mountinfo | 1 - - tests/ts/findmnt/files/mountinfo-nonroot | 1 - - tests/ts/libmount/files/mountinfo | 1 - - 16 files changed, 4 insertions(+), 44 deletions(-) - -diff --git a/libmount/src/tab_parse.c b/libmount/src/tab_parse.c -index 917779ab6..4407f9c9c 100644 ---- a/libmount/src/tab_parse.c -+++ b/libmount/src/tab_parse.c -@@ -227,11 +227,6 @@ static int mnt_parse_mountinfo_line(struct libmnt_fs *fs, const char *s) - goto fail; - } - -- /* remove "\040(deleted)" suffix */ -- p = (char *) endswith(fs->target, PATH_DELETED_SUFFIX); -- if (p && *p) -- *p = '\0'; -- - s = skip_separator(s); - - /* (6) vfs options (fs-independent) */ -diff --git a/tests/expected/findmnt/filter-options b/tests/expected/findmnt/filter-options -index 2606bce76..97b0ead0a 100644 ---- a/tests/expected/findmnt/filter-options -+++ b/tests/expected/findmnt/filter-options -@@ -28,5 +28,4 @@ TARGET SOURCE FSTYPE OPTIONS - /home/kzak/.gvfs gvfs-fuse-daemon fuse.gvfs-fuse-daemon rw,nosuid,nodev,relatime,user_id=500,group_id=500 - /var/lib/nfs/rpc_pipefs sunrpc rpc_pipefs rw,relatime - /mnt/sounds //foo.home/bar/ cifs rw,relatime,unc=\\foo.home\bar,username=kzak,domain=SRGROUP,uid=0,noforceuid,gid=0,noforcegid,addr=192.168.111.1,posixpaths,serverino,acl,rsize=16384,wsize=57344 --/mnt/foo /fooooo bar rw,relatime - rc=0 -diff --git a/tests/expected/findmnt/filter-options-nameval-neg b/tests/expected/findmnt/filter-options-nameval-neg -index 5471d65af..f0467ef75 100644 ---- a/tests/expected/findmnt/filter-options-nameval-neg -+++ b/tests/expected/findmnt/filter-options-nameval-neg -@@ -29,6 +29,5 @@ TARGET SOURCE FSTYPE OPTIO - |-/home/kzak /dev/mapper/kzak-home ext4 rw,noatime,barrier=1,data=ordered - | `-/home/kzak/.gvfs gvfs-fuse-daemon fuse.gvfs-fuse-daemon rw,nosuid,nodev,relatime,user_id=500,group_id=500 - |-/var/lib/nfs/rpc_pipefs sunrpc rpc_pipefs rw,relatime --|-/mnt/sounds //foo.home/bar/ cifs rw,relatime,unc=\\foo.home\bar,username=kzak,domain=SRGROUP,uid=0,noforceuid,gid=0,noforcegid,addr=192.168.111.1,posixpaths,serverino,acl,rsize=16384,wsize=57344 --`-/mnt/foo /fooooo bar rw,relatime -+`-/mnt/sounds //foo.home/bar/ cifs rw,relatime,unc=\\foo.home\bar,username=kzak,domain=SRGROUP,uid=0,noforceuid,gid=0,noforcegid,addr=192.168.111.1,posixpaths,serverino,acl,rsize=16384,wsize=57344 - rc=0 -diff --git a/tests/expected/findmnt/filter-types-neg b/tests/expected/findmnt/filter-types-neg -index 2606bce76..97b0ead0a 100644 ---- a/tests/expected/findmnt/filter-types-neg -+++ b/tests/expected/findmnt/filter-types-neg -@@ -28,5 +28,4 @@ TARGET SOURCE FSTYPE OPTIONS - /home/kzak/.gvfs gvfs-fuse-daemon fuse.gvfs-fuse-daemon rw,nosuid,nodev,relatime,user_id=500,group_id=500 - /var/lib/nfs/rpc_pipefs sunrpc rpc_pipefs rw,relatime - /mnt/sounds //foo.home/bar/ cifs rw,relatime,unc=\\foo.home\bar,username=kzak,domain=SRGROUP,uid=0,noforceuid,gid=0,noforcegid,addr=192.168.111.1,posixpaths,serverino,acl,rsize=16384,wsize=57344 --/mnt/foo /fooooo bar rw,relatime - rc=0 -diff --git a/tests/expected/findmnt/outputs-default b/tests/expected/findmnt/outputs-default -index 59495797b..01599355e 100644 ---- a/tests/expected/findmnt/outputs-default -+++ b/tests/expected/findmnt/outputs-default -@@ -30,6 +30,5 @@ TARGET SOURCE FSTYPE OPTIO - |-/home/kzak /dev/mapper/kzak-home ext4 rw,noatime,barrier=1,data=ordered - | `-/home/kzak/.gvfs gvfs-fuse-daemon fuse.gvfs-fuse-daemon rw,nosuid,nodev,relatime,user_id=500,group_id=500 - |-/var/lib/nfs/rpc_pipefs sunrpc rpc_pipefs rw,relatime --|-/mnt/sounds //foo.home/bar/ cifs rw,relatime,unc=\\foo.home\bar,username=kzak,domain=SRGROUP,uid=0,noforceuid,gid=0,noforcegid,addr=192.168.111.1,posixpaths,serverino,acl,rsize=16384,wsize=57344 --`-/mnt/foo /fooooo bar rw,relatime -+`-/mnt/sounds //foo.home/bar/ cifs rw,relatime,unc=\\foo.home\bar,username=kzak,domain=SRGROUP,uid=0,noforceuid,gid=0,noforcegid,addr=192.168.111.1,posixpaths,serverino,acl,rsize=16384,wsize=57344 - rc=0 -diff --git a/tests/expected/findmnt/outputs-force-tree b/tests/expected/findmnt/outputs-force-tree -index 59495797b..01599355e 100644 ---- a/tests/expected/findmnt/outputs-force-tree -+++ b/tests/expected/findmnt/outputs-force-tree -@@ -30,6 +30,5 @@ TARGET SOURCE FSTYPE OPTIO - |-/home/kzak /dev/mapper/kzak-home ext4 rw,noatime,barrier=1,data=ordered - | `-/home/kzak/.gvfs gvfs-fuse-daemon fuse.gvfs-fuse-daemon rw,nosuid,nodev,relatime,user_id=500,group_id=500 - |-/var/lib/nfs/rpc_pipefs sunrpc rpc_pipefs rw,relatime --|-/mnt/sounds //foo.home/bar/ cifs rw,relatime,unc=\\foo.home\bar,username=kzak,domain=SRGROUP,uid=0,noforceuid,gid=0,noforcegid,addr=192.168.111.1,posixpaths,serverino,acl,rsize=16384,wsize=57344 --`-/mnt/foo /fooooo bar rw,relatime -+`-/mnt/sounds //foo.home/bar/ cifs rw,relatime,unc=\\foo.home\bar,username=kzak,domain=SRGROUP,uid=0,noforceuid,gid=0,noforcegid,addr=192.168.111.1,posixpaths,serverino,acl,rsize=16384,wsize=57344 - rc=0 -diff --git a/tests/expected/findmnt/outputs-kernel b/tests/expected/findmnt/outputs-kernel -index 59495797b..01599355e 100644 ---- a/tests/expected/findmnt/outputs-kernel -+++ b/tests/expected/findmnt/outputs-kernel -@@ -30,6 +30,5 @@ TARGET SOURCE FSTYPE OPTIO - |-/home/kzak /dev/mapper/kzak-home ext4 rw,noatime,barrier=1,data=ordered - | `-/home/kzak/.gvfs gvfs-fuse-daemon fuse.gvfs-fuse-daemon rw,nosuid,nodev,relatime,user_id=500,group_id=500 - |-/var/lib/nfs/rpc_pipefs sunrpc rpc_pipefs rw,relatime --|-/mnt/sounds //foo.home/bar/ cifs rw,relatime,unc=\\foo.home\bar,username=kzak,domain=SRGROUP,uid=0,noforceuid,gid=0,noforcegid,addr=192.168.111.1,posixpaths,serverino,acl,rsize=16384,wsize=57344 --`-/mnt/foo /fooooo bar rw,relatime -+`-/mnt/sounds //foo.home/bar/ cifs rw,relatime,unc=\\foo.home\bar,username=kzak,domain=SRGROUP,uid=0,noforceuid,gid=0,noforcegid,addr=192.168.111.1,posixpaths,serverino,acl,rsize=16384,wsize=57344 - rc=0 -diff --git a/tests/expected/libmount/tabdiff-mount b/tests/expected/libmount/tabdiff-mount -index 420aeacd5..3c18f8dc4 100644 ---- a/tests/expected/libmount/tabdiff-mount -+++ b/tests/expected/libmount/tabdiff-mount -@@ -1,3 +1,2 @@ - /dev/mapper/kzak-home on /home/kzak: MOUNTED --/fooooo on /mnt/foo: MOUNTED - tmpfs on /mnt/test/foo
bar: MOUNTED -diff --git a/tests/expected/libmount/tabdiff-move b/tests/expected/libmount/tabdiff-move -index 24f9bc791..95820d93e 100644 ---- a/tests/expected/libmount/tabdiff-move -+++ b/tests/expected/libmount/tabdiff-move -@@ -1,3 +1,2 @@ - //foo.home/bar/ on /mnt/music: MOVED to /mnt/music --/fooooo on /mnt/foo: UMOUNTED - tmpfs on /mnt/test/foo
bar: UMOUNTED -diff --git a/tests/expected/libmount/tabdiff-remount b/tests/expected/libmount/tabdiff-remount -index 82ebeab39..876bfd953 100644 ---- a/tests/expected/libmount/tabdiff-remount -+++ b/tests/expected/libmount/tabdiff-remount -@@ -1,4 +1,3 @@ - /dev/mapper/kzak-home on /home/kzak: REMOUNTED from 'rw,noatime,barrier=1,data=ordered' to 'ro,noatime,barrier=1,data=ordered' - //foo.home/bar/ on /mnt/sounds: REMOUNTED from 'rw,relatime,unc=\\foo.home\bar,username=kzak,domain=SRGROUP,uid=0,noforceuid,gid=0,noforcegid,addr=192.168.111.1,posixpaths,serverino,acl,rsize=16384,wsize=57344' to 'ro,relatime,unc=\\foo.home\bar,username=kzak,domain=SRGROUP,uid=0,noforceuid,gid=0,noforcegid,addr=192.168.111.1,posixpaths,serverino,acl,rsize=16384,wsize=57344' --/fooooo on /mnt/foo: UMOUNTED - tmpfs on /mnt/test/foo
bar: UMOUNTED -diff --git a/tests/expected/libmount/tabdiff-umount b/tests/expected/libmount/tabdiff-umount -index a3e0fe48a..c7be725b9 100644 ---- a/tests/expected/libmount/tabdiff-umount -+++ b/tests/expected/libmount/tabdiff-umount -@@ -1,3 +1,2 @@ - /dev/mapper/kzak-home on /home/kzak: UMOUNTED --/fooooo on /mnt/foo: UMOUNTED - tmpfs on /mnt/test/foo
bar: UMOUNTED -diff --git a/tests/expected/libmount/tabfiles-parse-mountinfo b/tests/expected/libmount/tabfiles-parse-mountinfo -index 47eb77006..d5ba5248e 100644 ---- a/tests/expected/libmount/tabfiles-parse-mountinfo -+++ b/tests/expected/libmount/tabfiles-parse-mountinfo -@@ -351,17 +351,6 @@ id: 47 - parent: 20 - devno: 0:38 - ------ fs: --source: /fooooo --target: /mnt/foo --fstype: bar --optstr: rw,relatime --VFS-optstr: rw,relatime --FS-opstr: rw --root: / --id: 48 --parent: 20 --devno: 0:39 -------- fs: - source: tmpfs - target: /mnt/test/foo
bar - fstype: tmpfs -diff --git a/tests/expected/libmount/tabfiles-py-parse-mountinfo b/tests/expected/libmount/tabfiles-py-parse-mountinfo -index 47eb77006..d5ba5248e 100644 ---- a/tests/expected/libmount/tabfiles-py-parse-mountinfo -+++ b/tests/expected/libmount/tabfiles-py-parse-mountinfo -@@ -351,17 +351,6 @@ id: 47 - parent: 20 - devno: 0:38 - ------ fs: --source: /fooooo --target: /mnt/foo --fstype: bar --optstr: rw,relatime --VFS-optstr: rw,relatime --FS-opstr: rw --root: / --id: 48 --parent: 20 --devno: 0:39 -------- fs: - source: tmpfs - target: /mnt/test/foo
bar - fstype: tmpfs -diff --git a/tests/ts/findmnt/files/mountinfo b/tests/ts/findmnt/files/mountinfo -index 475ea1a33..ff1e664a8 100644 ---- a/tests/ts/findmnt/files/mountinfo -+++ b/tests/ts/findmnt/files/mountinfo -@@ -30,4 +30,3 @@ - 44 41 0:36 / /home/kzak/.gvfs rw,nosuid,nodev,relatime - fuse.gvfs-fuse-daemon gvfs-fuse-daemon rw,user_id=500,group_id=500 - 45 20 0:37 / /var/lib/nfs/rpc_pipefs rw,relatime - rpc_pipefs sunrpc rw - 47 20 0:38 / /mnt/sounds rw,relatime - cifs //foo.home/bar/ rw,unc=\\foo.home\bar,username=kzak,domain=SRGROUP,uid=0,noforceuid,gid=0,noforcegid,addr=192.168.111.1,posixpaths,serverino,acl,rsize=16384,wsize=57344 --48 20 0:39 / /mnt/foo\040(deleted) rw,relatime - bar /fooooo rw -diff --git a/tests/ts/findmnt/files/mountinfo-nonroot b/tests/ts/findmnt/files/mountinfo-nonroot -index e15b46701..87b421d2e 100644 ---- a/tests/ts/findmnt/files/mountinfo-nonroot -+++ b/tests/ts/findmnt/files/mountinfo-nonroot -@@ -29,4 +29,3 @@ - 44 41 0:36 / /home/kzak/.gvfs rw,nosuid,nodev,relatime - fuse.gvfs-fuse-daemon gvfs-fuse-daemon rw,user_id=500,group_id=500 - 45 20 0:37 / /var/lib/nfs/rpc_pipefs rw,relatime - rpc_pipefs sunrpc rw - 47 20 0:38 / /mnt/sounds rw,relatime - cifs //foo.home/bar/ rw,unc=\\foo.home\bar,username=kzak,domain=SRGROUP,uid=0,noforceuid,gid=0,noforcegid,addr=192.168.111.1,posixpaths,serverino,acl,rsize=16384,wsize=57344 --48 20 0:39 / /mnt/foo\040(deleted) rw,relatime - bar /fooooo rw -diff --git a/tests/ts/libmount/files/mountinfo b/tests/ts/libmount/files/mountinfo -index c06307183..2b0174048 100644 ---- a/tests/ts/libmount/files/mountinfo -+++ b/tests/ts/libmount/files/mountinfo -@@ -30,5 +30,4 @@ - 44 41 0:36 / /home/kzak/.gvfs rw,nosuid,nodev,relatime - fuse.gvfs-fuse-daemon gvfs-fuse-daemon rw,user_id=500,group_id=500 - 45 20 0:37 / /var/lib/nfs/rpc_pipefs rw,relatime - rpc_pipefs sunrpc rw - 47 20 0:38 / /mnt/sounds rw,relatime - cifs //foo.home/bar/ rw,unc=\\foo.home\bar,username=kzak,domain=SRGROUP,uid=0,noforceuid,gid=0,noforcegid,addr=192.168.111.1,posixpaths,serverino,acl,rsize=16384,wsize=57344 --48 20 0:39 / /mnt/foo\040(deleted) rw,relatime - bar /fooooo rw - 49 20 0:56 / /mnt/test/foo
bar rw,relatime shared:323 - tmpfs tmpfs rw --- -2.34.0 - |