URL: https://github.com/SSSD/sssd/pull/5748 Author: alexey-tikhonov Title: #5748: TOOLS: replace system() with execvp() Action: opened
PR body: """ to avoid execution of user supplied command
A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via the logs-fetch and cache-expire subcommands. This flaw allows an attacker to trick the root user into running a specially crafted sssctl command, such as via sudo, to gain root access. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
:fixes: CVE-2021-3621 """
To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/5748/head:pr5748 git checkout pr5748
URL: https://github.com/SSSD/sssd/pull/5748 Title: #5748: TOOLS: replace system() with execvp()
Label: +Waiting for review
URL: https://github.com/SSSD/sssd/pull/5748 Author: alexey-tikhonov Title: #5748: TOOLS: replace system() with execvp() Action: synchronized
To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/5748/head:pr5748 git checkout pr5748
URL: https://github.com/SSSD/sssd/pull/5748 Title: #5748: TOOLS: replace system() with execvp()
Label: +Ready to push
URL: https://github.com/SSSD/sssd/pull/5748 Title: #5748: TOOLS: replace system() with execvp()
Label: -Waiting for review
URL: https://github.com/SSSD/sssd/pull/5748 Title: #5748: TOOLS: replace system() with execvp()
Label: +Accepted
URL: https://github.com/SSSD/sssd/pull/5748 Title: #5748: TOOLS: replace system() with execvp()
pbrezina commented: """ Pushed PR: https://github.com/SSSD/sssd/pull/5748
* `master` * 7ab83f97e1cbefb78ece17232185bdd2985f0bbe - TOOLS: replace system() with execvp() to avoid execution of user supplied command
"""
See the full comment at https://github.com/SSSD/sssd/pull/5748#issuecomment-899562880
URL: https://github.com/SSSD/sssd/pull/5748 Title: #5748: TOOLS: replace system() with execvp()
Label: +Pushed
URL: https://github.com/SSSD/sssd/pull/5748 Title: #5748: TOOLS: replace system() with execvp()
Label: -Accepted
URL: https://github.com/SSSD/sssd/pull/5748 Title: #5748: TOOLS: replace system() with execvp()
Label: -Ready to push
URL: https://github.com/SSSD/sssd/pull/5748 Author: alexey-tikhonov Title: #5748: TOOLS: replace system() with execvp() Action: closed
To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/5748/head:pr5748 git checkout pr5748
sssd-devel@lists.fedorahosted.org
-
alexey-tikhonov -
pbrezina