Being able to verify that the code running on a system is the "correct" code is an important feature for some environments. The Linux integrity management architecture (IMA) patches—recently merged for 2.6.30—look at the integrity of processes as they are started by the kernel. But that requires running on a "good" kernel. So a patch, recently put out for comments on linux-kernel, proposes a lower-level mechanism which uses Intel's Trusted Execution Technology (TXT) to verify the integrity of the kernel itself.
Whereas the IMA lives completely within the Linux kernel, but uses Trusted Platform Module (TPM) hardware to check and enforce the integrity of code that is executed, the TXT-based integrity system interposes a virtual machine monitor (VMM or hypervisor) between the hardware and the kernel. This hypervisor, called Trusted Boot or tboot interacts with the TXT hardware, which is contained in various recent Intel chipsets, to verify the integrity of the kernel before launching it.
The TXT hardware can itself verify the integrity of many of the firmware components (things like BIOS and option ROMs) that must be assumed when using IMA. In their introductory post, Joseph Cihula and Shane Wang of Intel describe the advantages of a TXT-based integrity system as follows:
By using the hardware-based root of trust that Intel TXT provides, many of these issues can be mitigated. Specifically: many pre-launch components can be removed from the trust chain, DMA protection is provided to all launched components, a large number of platform configuration checks are performed and values locked, protection is provided for any data in the event of an improper shutdown, and there is support for policy-based execution/verification. This provides a more stable measurement and a higher assurance of system configuration and initial state than would be otherwise possible. Since the tboot project is open source, source code for almost all parts of the trust chain is available (excepting SMM and Intel-provided firmware).
It is interesting that they mention system management mode (SMM) as that has recently been the target of some research on undetectable rootkits. The kind of malware described in the research could subvert even TXT-based integrity systems.
In a followup post, Cihula and Wang describe in some detail how TXT, tboot, and the kernel cooperate to make it all work. Tboot is loaded by the bootloader—typically grub—as the "kernel". The grub.conf file lists the Linux kernel and Intel-supplied binary-only "authenticated code module" as "modules" that get loaded as well. For those who wish it, tboot also supports launching the Xen hypervisor, instead of the Linux kernel, as the guest. Tboot then does all of the setup necessary to determine if the TXT environment is present and configured correctly, if not, it just launches the kernel as usual. But if it finds a proper TXT environment, it initiates the integrity checking and verifies the hardware environment.
At that point, user-defined policies are consulted to determine the how to verify the integrity of the kernel and initial ramdisk (initrd) and what to do if verification fails. Tboot creates a shared page of memory and populates it with some data about itself for the kernel to use. The physical address of the shared page is passed to the kernel as a boot parameter. The kernel then maps that page as part of the boot process.
The shared page is also used by the kernel to communicate its intent to move to one of the sleep states of the processor. Instead of directly sleeping, it informs tboot of all of the relevant ACPI data via the shared page and jumps into tboot via a vector listed in the page. When going into the standby (suspend to RAM or S3) sleep, additional steps are taken to ensure the memory integrity across the S3 boundary. This is done by calculating a hash value over critical memory regions (kernel code and data as well as the S3 resume code) and signing it using the TPM. The user-supplied tboot policies determine what actions to take if the RAM verification fails upon coming out of S3.
The patch itself is relatively small and comments on it nearly non-existent. While it provides a potentially interesting protection against various attack scenarios, it also adds a layer underneath the kernel. In addition, there are some binary components to tboot that may raise some eyebrows. It will be interesting to see what kind of reception it gets, once folks start looking at it.
Brief itemsThe compromise was not the result of a software vulnerability, and as we have previously stated, our investigation has revealed no such vulnerabilities. Instead, the intruder took a copy of a SSH private key which was not secured with a passphrase from a system outside the Fedora infrastructure. The intruder then used that key, which belonged to a Fedora administrator, to access Fedora systems." story of "GhostNet", a globe-spanning infiltration of computers, most of which are controlled by various governments. In investigating malware at the offices of the Dalai Lama, security researchers found a much larger operation. "Their sleuthing opened a window into a broader operation that, in less than two years, has infiltrated at least 1,295 computers in 103 countries, including many belonging to embassies, foreign ministries and other government offices, as well as the Dalai Lamas Tibetan exile centers in India, Brussels, London and New York. [...] The researchers, who have a record of detecting computer espionage, said they believed that in addition to the spying on the Dalai Lama, the system, which they called GhostNet, was focused on the governments of South Asian and Southeast Asian countries."
|Package(s):||acroread||CVE #(s):||CVE-2009-0193 CVE-2009-0658 CVE-2009-0927 CVE-2009-0928 CVE-2009-1061 CVE-2009-1062|
|Created:||March 27, 2009||Updated:||April 21, 2009|
|Created:||March 30, 2009||Updated:||April 1, 2009|
From the Debian advisory:
It was discovered that auth2db, an IDS logger, log viewer and alert generator, is prone to an SQL injection vulnerability, when used with multibyte character encodings.
|Package(s):||epiphany||CVE #(s):||CVE-2009-1169 CVE-2009-1044|
|Created:||March 28, 2009||Updated:||April 20, 2009|
|Description:||Versions of the firefox browser through 3.0.7 suffer from two remote code execution vulnerabilities; one of them was used to win the 2009 CanSecWest Pwn2Own contest and has active exploits circulating. The 3.0.8 release closes the holes.|
|Package(s):||java-1.6.0-sun||CVE #(s):||CVE-2006-2426 CVE-2009-1093 CVE-2009-1094 CVE-2009-1095 CVE-2009-1096 CVE-2009-1097 CVE-2009-1098 CVE-2009-1099 CVE-2009-1100 CVE-2009-1101 CVE-2009-1102 CVE-2009-1103 CVE-2009-1104 CVE-2009-1105 CVE-2009-1106 CVE-2009-1107|
|Created:||March 26, 2009||Updated:||November 18, 2009|
|Description:||Java 1.6.0 has a long list of vulnerabilities.
From the Red Hat alert:
CVE-2006-2426 Untrusted applet causes DoS by filling up disk space
CVE-2009-1101 OpenJDK JAX-WS service endpoint remote Denial-of-Service
CVE-2009-1093 OpenJDK remote LDAP Denial-Of-Service
CVE-2009-1094 OpenJDK LDAP client remote code execution
CVE-2009-1095 CVE-2009-1096 OpenJDK Pack200 Buffer overflow vulnerability
CVE-2009-1102 OpenJDK code generation vulnerability
CVE-2009-1097 OpenJDK PNG processing buffer overflow vulnerability
CVE-2009-1098 OpenJDK GIF processing buffer overflow vulnerability
CVE-2009-1099 OpenJDK: Type1 font processing buffer overflow vulnerability
CVE-2009-1100 OpenJDK: DoS (disk consumption) via handling of temporary font files
CVE-2009-1103 OpenJDK: Files disclosure, arbitrary code execution via "deserializing applets"
CVE-2009-1104 OpenJDK: Intended access restrictions bypass via LiveConnect
CVE-2009-1105 OpenJDK: Possibility of trusted applet run in older, vulnerable version of JRE
CVE-2009-1106 OpenJDK: Improper parsing of crossdomain.xml files (intended access restriction bypass)
CVE-2009-1107 OpenJDK: Signed applet remote misuse possibility
|Created:||April 1, 2009||Updated:||February 3, 2010|
From the Red Hat advisory:
Memory leaks were found on some error paths in the icmp_send() function in the Linux kernel. This could, potentially, cause the network connectivity to cease. (CVE-2009-0778, Important)
|Package(s):||krb5||CVE #(s):||CVE-2009-0844 CVE-2009-0845 CVE-2009-0846 CVE-2009-0847|
|Created:||March 30, 2009||Updated:||January 14, 2010|
From the Mandriva advisory:
The spnego_gss_accept_sec_context function in lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) 1.6.3, when SPNEGO is used, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via invalid ContextFlags data in the reqFlags field in a negTokenInit token (CVE-2009-0845).
From the Red Hat advisory:
An input validation flaw was found in the ASN.1 (Abstract Syntax Notation One) decoder used by MIT Kerberos. A remote attacker could use this flaw to crash a network service using the MIT Kerberos library, such as kadmind or krb5kdc, by causing it to dereference or free an uninitialized pointer. (CVE-2009-0846)
Multiple input validation flaws were found in the MIT Kerberos GSS-API library's implementation of the SPNEGO mechanism. A remote attacker could use these flaws to crash any network service utilizing the MIT Kerberos GSS-API library to authenticate users or, possibly, leak portions of the service's memory. (CVE-2009-0844, CVE-2009-0845)
|Created:||March 31, 2009||Updated:||April 1, 2009|
|Description:||From the Debian advisory: Leigh James that discovered that nss-ldapd, an NSS module for using LDAP as a naming service, by default creates the configuration file /etc/nss-ldapd.conf world-readable which could leak the configured LDAP password if one is used for connecting to the LDAP server.|
|Created:||March 31, 2009||Updated:||July 27, 2011|
|Description:||From the Ubuntu advisory: It was discovered that OpenSSL did not properly validate the length of an encoded BMPString or UniversalString when printing ASN.1 strings. If a user or automated system were tricked into processing a crafted certificate, an attacker could cause a denial of service via application crash in applications linked against OpenSSL.|
|Created:||March 30, 2009||Updated:||September 12, 2013|
From the Red Hat advisory:
Gerd v. Egidy discovered a flaw in the Dead Peer Detection (DPD) in Openswan's pluto IKE daemon. A remote attacker could use a malicious DPD packet to crash the pluto daemon. (CVE-2009-0790)
|Created:||March 26, 2009||Updated:||April 2, 2009|
|Description:||systemtap has a race condition vulnerability.
From the Debian alert:
Erik Sjoelund discovered that a race condition in the stap tool shipped by Systemtap, an instrumentation system for Linux 2.6, allows local privilege escalation for members of the stapusr group.
Page editor: Jake Edge
Next page: Kernel development>>
Copyright © 2009, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds