Your message dated Mon, 28 Nov 2022 22:20:03 +0000
with message-id <e1ozmtr-004tds...@fasolo.debian.org>
and subject line Bug#1024998: fixed in g810-led 0.4.2-3
has caused the Debian Bug report #1024998,
regarding g810-led: Security risk: Leaves /dev/input/event* with read and write permissions for all users
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1024998: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024998
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: g810-led
Version: 0.4.2-2.1
Severity: critical
Tags: patch upstream security
Justification: root security hole
X-Debbugs-Cc: xdru...@tinet.cat, Debian Security Team <t...@security.debian.org>

Dear Maintainer,

I hesitate to file as critical, but I came across a bug report in
upstream that looked serious enough since it would allow all local
processes to eavesdrop on keyboard input, including passwords, etc. I
haven't tried an exploit, but it seemed better to just restrict
/dev/input/event* permissions to those of other event dev files.

Without this patch, I can read /dev/input/event2 and /dev/input/event3 as a
normal user. I see bytes in /dev/input/event2 when typing as a normal
user and also typing in another terminal (Konsole) typing as
root. event3 only shows the characters typed by the normal user.

With the patch I can't read /dev/input/event* as a normal user.

And the bug is publicly reported upstream (some 10 days ago).

   * What led up to the situation?

Reviewing upstream bugs, found https://github.com/MatMoul/g810-led/issues/293

   * What exactly did you do (or not do) that was effective (or
     ineffective)?

Nothing really. I wrote the patch, rebuilt, and observed the
permissions were fixed. My keyboard seems to work both with and
without the patch (needs a kernel with CONFIG_HIDRAW), when calling
g810-led as root. As normal user it doesn't work (both with or without
patch), due to no permission for /dev/hidraw2.

It should really be fixed upstream, but maybe it's worth fixing meanwhile
or removing the package temporarily?

-- System Information:
Debian Release: 11.5
  APT prefers stable-security
  APT policy: (500, 'stable-security'), (500, 'stable')
Architecture: arm64 (aarch64)

Kernel: Linux 5.19.4-gnu-eowyn21so-gc9d5f2140717-dirty (SMP w/6 CPU threads; PREEMPT)
Kernel taint flags: TAINT_CRAP
Locale: LANG=ca_ES.UTF-8, LC_CTYPE=ca_ES.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages g810-led depends on:
ii  libc6         2.31-13+deb11u4
ii  libg810-led0  0.4.2-2.1
ii  libgcc-s1     10.2.1-6
ii  libstdc++6    10.2.1-6

g810-led recommends no packages.

g810-led suggests no packages.

-- Configuration Files:
/etc/g810-led/profile changed [not included]

-- no debconf information

*** /home/xdrudis/g810-led/debian/patches/correct_permissions_in_event_device_files.patch
--- a/udev/g810-led.rules
+++ b/udev/g810-led.rules
@@ -1,25 +1,25 @@
-ACTION=="add", SUBSYSTEMS=="usb", ATTRS{idVendor}=="046d", 
ATTRS{idProduct}=="c336", MODE="666" RUN+="/usr/bin/g213-led -p 
/etc/g810-led/profile"
-ACTION=="add", SUBSYSTEMS=="usb", ATTRS{idVendor}=="046d", 
ATTRS{idProduct}=="c330", MODE="666" RUN+="/usr/bin/g410-led -p 
/etc/g810-led/profile"
-ACTION=="add", SUBSYSTEMS=="usb", ATTRS{idVendor}=="046d", 
ATTRS{idProduct}=="c33a", MODE="666" RUN+="/usr/bin/g413-led -p 
/etc/g810-led/profile"
-ACTION=="add", SUBSYSTEMS=="usb", ATTRS{idVendor}=="046d", 
ATTRS{idProduct}=="c342", MODE="666" RUN+="/usr/bin/g512-led -p 
/etc/g810-led/profile"
-ACTION=="add", SUBSYSTEMS=="usb", ATTRS{idVendor}=="046d", 
ATTRS{idProduct}=="c33c", MODE="666" RUN+="/usr/bin/g513-led -p 
/etc/g810-led/profile"
-ACTION=="add", SUBSYSTEMS=="usb", ATTRS{idVendor}=="046d", 
ATTRS{idProduct}=="c333", MODE="666" RUN+="/usr/bin/g610-led -p 
/etc/g810-led/profile"
-ACTION=="add", SUBSYSTEMS=="usb", ATTRS{idVendor}=="046d", 
ATTRS{idProduct}=="c338", MODE="666" RUN+="/usr/bin/g610-led -p 
/etc/g810-led/profile"
-ACTION=="add", SUBSYSTEMS=="usb", ATTRS{idVendor}=="046d", 
ATTRS{idProduct}=="c331", MODE="666" RUN+="/usr/bin/g810-led -p 
/etc/g810-led/profile"
-ACTION=="add", SUBSYSTEMS=="usb", ATTRS{idVendor}=="046d", 
ATTRS{idProduct}=="c337", MODE="666" RUN+="/usr/bin/g810-led -p 
/etc/g810-led/profile"
-ACTION=="add", SUBSYSTEMS=="usb", ATTRS{idVendor}=="046d", 
ATTRS{idProduct}=="c33f", MODE="666" RUN+="/usr/bin/g815-led -p 
/etc/g810-led/profile"
-ACTION=="add", SUBSYSTEMS=="usb", ATTRS{idVendor}=="046d", 
ATTRS{idProduct}=="c32b", MODE="666" RUN+="/usr/bin/g910-led -p 
/etc/g810-led/profile"
-ACTION=="add", SUBSYSTEMS=="usb", ATTRS{idVendor}=="046d", 
ATTRS{idProduct}=="c335", MODE="666" RUN+="/usr/bin/g910-led -p 
/etc/g810-led/profile"
-ACTION=="add", SUBSYSTEMS=="usb", ATTRS{idVendor}=="046d", 
ATTRS{idProduct}=="c339", MODE="666" RUN+="/usr/bin/gpro-led -p 
/etc/g810-led/profile"
-ACTION=="add", SUBSYSTEM=="usb", ATTRS{idVendor}=="046d", 
ATTRS{idProduct}=="c336", MODE="666" RUN+="/usr/bin/g213-led -p 
/etc/g810-led/profile"
-ACTION=="add", SUBSYSTEM=="usb", ATTRS{idVendor}=="046d", 
ATTRS{idProduct}=="c330", MODE="666" RUN+="/usr/bin/g410-led -p 
/etc/g810-led/profile"
-ACTION=="add", SUBSYSTEM=="usb", ATTRS{idVendor}=="046d", 
ATTRS{idProduct}=="c33a", MODE="666" RUN+="/usr/bin/g413-led -p 
/etc/g810-led/profile"
-ACTION=="add", SUBSYSTEM=="usb", ATTRS{idVendor}=="046d", 
ATTRS{idProduct}=="c342", MODE="666" RUN+="/usr/bin/g512-led -p 
/etc/g810-led/profile"
-ACTION=="add", SUBSYSTEM=="usb", ATTRS{idVendor}=="046d", 
ATTRS{idProduct}=="c33c", MODE="666" RUN+="/usr/bin/g513-led -p 
/etc/g810-led/profile"
-ACTION=="add", SUBSYSTEM=="usb", ATTRS{idVendor}=="046d", 
ATTRS{idProduct}=="c333", MODE="666" RUN+="/usr/bin/g610-led -p 
/etc/g810-led/profile"
-ACTION=="add", SUBSYSTEM=="usb", ATTRS{idVendor}=="046d", 
ATTRS{idProduct}=="c338", MODE="666" RUN+="/usr/bin/g610-led -p 
/etc/g810-led/profile"
-ACTION=="add", SUBSYSTEM=="usb", ATTRS{idVendor}=="046d", 
ATTRS{idProduct}=="c331", MODE="666" RUN+="/usr/bin/g810-led -p 
/etc/g810-led/profile"
-ACTION=="add", SUBSYSTEM=="usb", ATTRS{idVendor}=="046d", 
ATTRS{idProduct}=="c337", MODE="666" RUN+="/usr/bin/g810-led -p 
/etc/g810-led/profile"
-ACTION=="add", SUBSYSTEM=="usb", ATTRS{idVendor}=="046d", 
ATTRS{idProduct}=="c32b", MODE="666" RUN+="/usr/bin/g910-led -p 
/etc/g810-led/profile"
-ACTION=="add", SUBSYSTEM=="usb", ATTRS{idVendor}=="046d", 
ATTRS{idProduct}=="c335", MODE="666" RUN+="/usr/bin/g910-led -p 
/etc/g810-led/profile"
-ACTION=="add", SUBSYSTEM=="usb", ATTRS{idVendor}=="046d", 
ATTRS{idProduct}=="c339", MODE="666" RUN+="/usr/bin/gpro-led -p 
/etc/g810-led/profile"
+ACTION=="add", SUBSYSTEMS=="usb", ATTRS{idVendor}=="046d", 
ATTRS{idProduct}=="c336", MODE="660" RUN+="/usr/bin/g213-led -p 
/etc/g810-led/profile"
+ACTION=="add", SUBSYSTEMS=="usb", ATTRS{idVendor}=="046d", 
ATTRS{idProduct}=="c330", MODE="660" RUN+="/usr/bin/g410-led -p 
/etc/g810-led/profile"
+ACTION=="add", SUBSYSTEMS=="usb", ATTRS{idVendor}=="046d", 
ATTRS{idProduct}=="c33a", MODE="660" RUN+="/usr/bin/g413-led -p 
/etc/g810-led/profile"
+ACTION=="add", SUBSYSTEMS=="usb", ATTRS{idVendor}=="046d", 
ATTRS{idProduct}=="c342", MODE="660" RUN+="/usr/bin/g512-led -p 
/etc/g810-led/profile"
+ACTION=="add", SUBSYSTEMS=="usb", ATTRS{idVendor}=="046d", 
ATTRS{idProduct}=="c33c", MODE="660" RUN+="/usr/bin/g513-led -p 
/etc/g810-led/profile"
+ACTION=="add", SUBSYSTEMS=="usb", ATTRS{idVendor}=="046d", 
ATTRS{idProduct}=="c333", MODE="660" RUN+="/usr/bin/g610-led -p 
/etc/g810-led/profile"
+ACTION=="add", SUBSYSTEMS=="usb", ATTRS{idVendor}=="046d", 
ATTRS{idProduct}=="c338", MODE="660" RUN+="/usr/bin/g610-led -p 
/etc/g810-led/profile"
+ACTION=="add", SUBSYSTEMS=="usb", ATTRS{idVendor}=="046d", 
ATTRS{idProduct}=="c331", MODE="660" RUN+="/usr/bin/g810-led -p 
/etc/g810-led/profile"
+ACTION=="add", SUBSYSTEMS=="usb", ATTRS{idVendor}=="046d", 
ATTRS{idProduct}=="c337", MODE="660" RUN+="/usr/bin/g810-led -p 
/etc/g810-led/profile"
+ACTION=="add", SUBSYSTEMS=="usb", ATTRS{idVendor}=="046d", 
ATTRS{idProduct}=="c33f", MODE="660" RUN+="/usr/bin/g815-led -p 
/etc/g810-led/profile"
+ACTION=="add", SUBSYSTEMS=="usb", ATTRS{idVendor}=="046d", 
ATTRS{idProduct}=="c32b", MODE="660" RUN+="/usr/bin/g910-led -p 
/etc/g810-led/profile"
+ACTION=="add", SUBSYSTEMS=="usb", ATTRS{idVendor}=="046d", 
ATTRS{idProduct}=="c335", MODE="660" RUN+="/usr/bin/g910-led -p 
/etc/g810-led/profile"
+ACTION=="add", SUBSYSTEMS=="usb", ATTRS{idVendor}=="046d", 
ATTRS{idProduct}=="c339", MODE="660" RUN+="/usr/bin/gpro-led -p 
/etc/g810-led/profile"
+ACTION=="add", SUBSYSTEM=="usb", ATTRS{idVendor}=="046d", 
ATTRS{idProduct}=="c336", MODE="660" RUN+="/usr/bin/g213-led -p 
/etc/g810-led/profile"
+ACTION=="add", SUBSYSTEM=="usb", ATTRS{idVendor}=="046d", 
ATTRS{idProduct}=="c330", MODE="660" RUN+="/usr/bin/g410-led -p 
/etc/g810-led/profile"
+ACTION=="add", SUBSYSTEM=="usb", ATTRS{idVendor}=="046d", 
ATTRS{idProduct}=="c33a", MODE="660" RUN+="/usr/bin/g413-led -p 
/etc/g810-led/profile"
+ACTION=="add", SUBSYSTEM=="usb", ATTRS{idVendor}=="046d", 
ATTRS{idProduct}=="c342", MODE="660" RUN+="/usr/bin/g512-led -p 
/etc/g810-led/profile"
+ACTION=="add", SUBSYSTEM=="usb", ATTRS{idVendor}=="046d", 
ATTRS{idProduct}=="c33c", MODE="660" RUN+="/usr/bin/g513-led -p 
/etc/g810-led/profile"
+ACTION=="add", SUBSYSTEM=="usb", ATTRS{idVendor}=="046d", 
ATTRS{idProduct}=="c333", MODE="660" RUN+="/usr/bin/g610-led -p 
/etc/g810-led/profile"
+ACTION=="add", SUBSYSTEM=="usb", ATTRS{idVendor}=="046d", 
ATTRS{idProduct}=="c338", MODE="660" RUN+="/usr/bin/g610-led -p 
/etc/g810-led/profile"
+ACTION=="add", SUBSYSTEM=="usb", ATTRS{idVendor}=="046d", 
ATTRS{idProduct}=="c331", MODE="660" RUN+="/usr/bin/g810-led -p 
/etc/g810-led/profile"
+ACTION=="add", SUBSYSTEM=="usb", ATTRS{idVendor}=="046d", 
ATTRS{idProduct}=="c337", MODE="660" RUN+="/usr/bin/g810-led -p 
/etc/g810-led/profile"
+ACTION=="add", SUBSYSTEM=="usb", ATTRS{idVendor}=="046d", 
ATTRS{idProduct}=="c32b", MODE="660" RUN+="/usr/bin/g910-led -p 
/etc/g810-led/profile"
+ACTION=="add", SUBSYSTEM=="usb", ATTRS{idVendor}=="046d", 
ATTRS{idProduct}=="c335", MODE="660" RUN+="/usr/bin/g910-led -p 
/etc/g810-led/profile"
+ACTION=="add", SUBSYSTEM=="usb", ATTRS{idVendor}=="046d", 
ATTRS{idProduct}=="c339", MODE="660" RUN+="/usr/bin/gpro-led -p 
/etc/g810-led/profile"

--- End Message ---
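The permission check the report performs by hand (reading /dev/input/event* as a normal user) as an added audit script, not part of the report or of the g810-led package; it flags every matching device node whose "other" bits grant read or write, and assumes GNU stat (stat -c '%a').

```shell
#!/bin/sh
# Added example: audit device nodes for permission bits that grant read or
# write to all users, the condition the bug report observed on
# /dev/input/event*. Assumes GNU stat (stat -c '%a').

# audit_world_access DIR GLOB
# Prints "<octal mode> <path>" for each matching entry in DIR whose
# "other" permission digit has the read (4) or write (2) bit set.
# Returns 1 if any such entry exists, 0 if everything matched is clean.
audit_world_access() {
    dir=$1
    glob=$2
    found=0
    for f in "$dir"/$glob; do
        [ -e "$f" ] || continue              # unmatched glob stays literal
        mode=$(stat -c '%a' "$f") || continue
        other=${mode#"${mode%?}"}            # last octal digit = "other"
        if [ $((other & 6)) -ne 0 ]; then
            printf '%s %s\n' "$mode" "$f"
            found=1
        fi
    done
    return $found
}

# Run over the nodes the report discusses when invoked with --check;
# a non-zero exit means at least one node leaks access to all users.
if [ "${1:-}" = "--check" ]; then
    audit_world_access /dev/input 'event*'
    audit_world_access /dev 'hidraw*'
fi
```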
--- Begin Message ---
Source: g810-led
Source-Version: 0.4.2-3
Done: Stephen Kitt <sk...@debian.org>

We believe that the bug you reported is fixed in the latest version of
g810-led, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1024...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Stephen Kitt <sk...@debian.org> (supplier of updated g810-led package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 28 Nov 2022 23:05:53 +0100
Source: g810-led
Architecture: source
Version: 0.4.2-3
Distribution: unstable
Urgency: medium
Maintainer: Stephen Kitt <sk...@debian.org>
Changed-By: Stephen Kitt <sk...@debian.org>
Closes: 1024998
Changes:
 g810-led (0.4.2-3) unstable; urgency=medium
 .
   * Control device access with uaccess instead of making everything
     world-writable. Thanks to Xavi Drudis Ferran for the report!
     Closes:#1024998.
Checksums-Sha1:
 9f3e2c60803bb66c973562d02c80dcaa023ac60a 1953 g810-led_0.4.2-3.dsc
 22f06a4b2ac624c45370f63dc9d6f8553f5b228c 6200 g810-led_0.4.2-3.debian.tar.xz
 8fb0ed1e0dbe91536cfbc888827041acf48f8a0e 6480 g810-led_0.4.2-3_source.buildinfo
Checksums-Sha256:
 d8adfbbfec49690dabbe3093f6dc4e53d1f6faa7d7c34b69acfeb64cbda6d608 1953 g810-led_0.4.2-3.dsc
 b939940c191378d7df1c36eab41c963776432184d1bbf0e35e54e5e48d74e5e6 6200 g810-led_0.4.2-3.debian.tar.xz
 fc6384f1c45a14e0d53a155a3ad58c3c611804b30489c8cb86df14bc5e3e286b 6480 g810-led_0.4.2-3_source.buildinfo
Files:
 70c18dfdcd4c8a9d3e457b2ba302a983 1953 utils optional g810-led_0.4.2-3.dsc
 5f090856daafba8787d7d27f7c345dd1 6200 utils optional g810-led_0.4.2-3.debian.tar.xz
 b359f192e656bd2dd8d531b75d8e001b 6480 utils optional g810-led_0.4.2-3_source.buildinfo


--- End Message ---
