OVAL Definition: oval:org.mitre.oval:def:27447
Revision Date: 2014-12-15
Version: 9
Title: ELSA-2011-1532 -- kexec-tools security, bug fix, and enhancement update (moderate)
Description:
Kdump used the SSH (Secure Shell) "StrictHostKeyChecking=no" option when dumping to SSH targets, causing the target kdump server's SSH host key not to be checked. This could make it easier for a man-in-the-middle attacker on the local network to impersonate the kdump SSH target server and possibly gain access to sensitive information in the vmcore dumps. (CVE-2011-3588)

mkdumprd created initrd files with world-readable permissions. A local user could possibly use this flaw to gain access to sensitive information, such as the private SSH key used to authenticate to a remote server when kdump was configured to dump to an SSH target. (CVE-2011-3589)

mkdumprd included unneeded sensitive files (such as all files from the "/root/.ssh/" directory and the host's private SSH keys) in the resulting initrd. This could lead to an information leak when initrd files were previously created with world-readable permissions. Note: With this update, only the SSH client configuration, known hosts files, and the SSH key configured via the newly introduced sshkey option in "/etc/kdump.conf" are included in the initrd. The default is the key generated when running the "service kdump propagate" command, "/root/.ssh/kdump_id_rsa". (CVE-2011-3590)
Family: unix
Class: patch
Status: ACCEPTED
Reference(s): CVE-2011-3588
CVE-2011-3589
CVE-2011-3590
ELSA-2011-1532
Platform(s): Oracle Linux 6
Product(s): kexec-tools
Definition Synopsis
  • Oracle Linux 6.x
  • AND kexec-tools is earlier than 0:2.0.0-209.0.1.el6