Bug 1146776

Summary: AUDIT-FIND: resource-agents: Code execution via insecure tmp files in db2
Product: [Novell Products] SUSE Security Incidents Reporter: Johannes Segitz <jsegitz>
Component: IncidentsAssignee: Security Team bot <security-team>
Status: RESOLVED FIXED QA Contact: Security Team bot <security-team>
Severity: Normal    
Priority: P5 - None CC: varkoly
Version: unspecified   
Target Milestone: ---   
Hardware: Other   
OS: Other   
Whiteboard:
Found By: --- Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---
Bug Depends on:    
Bug Blocks: 1021689    

Description Johannes Segitz 2019-08-22 08:26:15 UTC 
resource-agents-4.3.018.a7fb5035/tools/ocft/db2

102 CASE "killed instance: monitor"
103         Include prepare
104         AgentRun start OCF_SUCCESS
105         AgentRun monitor OCF_SUCCESS
106         BashAtExit rm /tmp/ocft-helper1
107         Bash echo "su $OCFT_instance -c '. ~$OCFT_instance/sqllib/db2profile; db2nkill 0 >/dev/null 2>&1'" > /tmp/ocft-helper1
108         Bash sh -x /tmp/ocft-helper1
109         AgentRun monitor OCF_NOT_RUNNING

and

117 CASE "check start really activates db"
118         Include prepare
119         AgentRun start OCF_SUCCESS
120
121         BashAtExit rm /tmp/ocft-helper2
122         Bash echo "su $OCFT_instance -c '. ~$OCFT_instance/sqllib/db2profile; db2 get snapshot for database on $OCFT_db>/dev/null'" > /tmp/ocft-helper2
123         Bash sh -x /tmp/ocft-helper2

If you create /tmp/ocft-helper2 before with proper permissions you get to run your code
Comment 4 Swamp Workflow Management 2020-04-23 19:32:43 UTC 
SUSE-SU-2020:1090-1: An update that contains security fixes can now be installed.

Category: security (important)
Bug References: 1021689,1146687,1146690,1146691,1146692,1146766,1146776,1146784,1146785,1146787
CVE References: 
Sources used:
SUSE Linux Enterprise High Availability 15 (src):    resource-agents-4.3.0184.6ee15eb2-3.37.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 5 Swamp Workflow Management 2020-04-23 19:35:13 UTC 
SUSE-SU-2020:1089-1: An update that contains security fixes can now be installed.

Category: security (important)
Bug References: 1021689,1146687,1146690,1146691,1146692,1146766,1146776,1146784,1146785,1146787
CVE References: 
Sources used:
SUSE Linux Enterprise High Availability 15-SP1 (src):    resource-agents-4.3.0184.6ee15eb2-4.22.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 6 Swamp Workflow Management 2020-04-23 19:36:36 UTC 
SUSE-SU-2020:1092-1: An update that contains security fixes can now be installed.

Category: security (important)
Bug References: 1021689,1146687,1146690,1146691,1146776,1146784,1146785,1146787,1146789,1161898
CVE References: 
Sources used:
SUSE Linux Enterprise High Availability 12-SP3 (src):    resource-agents-4.0.1+git.1495055229.643177f1-2.45.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 7 Swamp Workflow Management 2020-04-23 19:38:27 UTC 
SUSE-SU-2020:1091-1: An update that contains security fixes can now be installed.

Category: security (important)
Bug References: 1021689,1146687,1146690,1146691,1146692,1146766,1146776,1146784,1146785,1146787,1146789
CVE References: 
Sources used:
SUSE Linux Enterprise High Availability 12-SP5 (src):    resource-agents-4.3.018.a7fb5035-3.42.1
SUSE Linux Enterprise High Availability 12-SP4 (src):    resource-agents-4.3.018.a7fb5035-3.42.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 8 Swamp Workflow Management 2020-05-01 22:38:10 UTC 
openSUSE-SU-2020:0585-1: An update that contains security fixes can now be installed.

Category: security (important)
Bug References: 1021689,1146687,1146690,1146691,1146692,1146766,1146776,1146784,1146785,1146787
CVE References: 
Sources used:
openSUSE Leap 15.1 (src):    resource-agents-4.3.0184.6ee15eb2-lp151.3.18.1
Comment 9 Johannes Segitz 2021-07-09 07:20:02 UTC 
thanks for the submits
Comment 11 Marcus Meissner 2021-09-10 15:07:45 UTC 
rekleased
Comment 15 Swamp Workflow Management 2022-07-08 13:17:19 UTC 
SUSE-SU-2022:2337-1: An update that contains security fixes can now be installed.

Category: security (important)
Bug References: 1021689,1146687,1146690,1146691,1146692,1146766,1146776,1146784,1146785,1146787,1196164,1197956,1199766
CVE References: 
JIRA References: 
Sources used:
SUSE Linux Enterprise High Availability 15-SP2 (src):    resource-agents-4.4.0+git57.70549516-150200.3.53.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.