Synopsis: Moderate: system-config-firewall security update
Issue Date: 2011-07-18
CVE Numbers: CVE-2011-2520
system-config-firewall is a graphical user interface for basic firewall
It was found that system-config-firewall used the Python pickle module in
an insecure way when sending data (via D-Bus) to the privileged back-end
mechanism. A local user authorized to configure firewall rules using
system-config-firewall could use this flaw to execute arbitrary code with
root privileges, by sending a specially-crafted serialized object.
Red Hat would like to thank Marco Slaviero of SensePost for reporting this
Notation) for data exchange, instead of pickle. Therefore, an updated
version of system-config-printer that uses this new communication data
format is also provided in this erratum.
Users of system-config-firewall are advised to upgrade to these updated
packages, which contain a backported patch to resolve this issue. Running
instances of system-config-firewall must be restarted before the utility
will be able to communicate with its updated back-end.
– Scientific Linux Development Team