Bug 974072 (CVE-2016-0764) - VUL-1: CVE-2016-0764: NetworkManager: Race condition allowing info leak
Summary: VUL-1: CVE-2016-0764: NetworkManager: Race condition allowing info leak
Status: RESOLVED FIXED
Alias: CVE-2016-0764
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents (show other bugs)
Version: unspecified
Hardware: Other Other
: P4 - Low : Minor
Target Milestone: ---
Assignee: Security Team bot
QA Contact: Security Team bot
URL: https://smash.suse.de/issue/166232/
Whiteboard: CVSSv2:SUSE:CVE-2016-0764:2.4:(AV:L/...
Keywords:
Depends on:
Blocks:
 
Reported: 2016-04-05 13:28 UTC by Johannes Segitz
Modified: 2024-07-26 09:42 UTC (History)
4 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Johannes Segitz 2016-04-05 13:28:37 UTC 
https://portal.cert.dfn.de/adv/DFN-CERT-2016-0538/

CVE-2016-0764: Schwachstelle in GNOME NetworkManager ermöglicht Ausspähen von Informationen

Während des Speichervorgangs einer Konfiguration im GNOME NetworkManager kann es zu einem kritischen Wettlauf kommen, durch den die gespeicherten Informationen abgefangen werden können. Ein lokaler, einfach authentifizierter Angreifer kann sensitive Informationen wie VPN- oder WLAN-Passwörter ausspähen und in der Folge Sicherheitsvorkehrungen umgehen.

Insecure usage of temporary files allows disclosure of sensitive data.

Fix in commit 60b7ed3

References:
https://bugzilla.redhat.com/show_bug.cgi?id=1324025
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0764
Comment 1 Swamp Workflow Management 2016-04-05 22:01:21 UTC 
bugbot adjusting priority
Comment 3 Andreas Stieger 2016-12-22 10:35:50 UTC 
Assign to new bugowner
Comment 4 Jonathan Kang 2017-03-20 06:36:18 UTC 
There is a upstream fix for this issue:

https://cgit.freedesktop.org/NetworkManager/NetworkManager/commit/?id=60b7ed3bdc3941a3b7c56824fba4b7291e79041f

The fix has been included in SLE12 SP2.
Comment 6 Jonathan Kang 2019-04-25 08:44:29 UTC 
The fix has been in SUSE:SLE-12-SP2:Update and SUSE:SLE-15:Update. For
SUSE:SLE-11-SP1:Update and SUSE:SLE-11-SP2:Update, this CVE doesn't apply to
those two projects.
Comment 7 Andrea Mattiazzo 2024-07-26 09:42:17 UTC 
All done, closing.