Report forwarded
to debian-bugs-dist@lists.debian.org, Debian kernel team <debian-kernel@lists.debian.org>: Bug#1087697; Package initramfs-tools.
(Sun, 17 Nov 2024 12:09:02 GMT)
Acknowledgement sent
to Matan Liber <matan@pentera.io>:
New Bug report received and forwarded. Copy sent to Debian kernel team <debian-kernel@lists.debian.org>.
(Sun, 17 Nov 2024 12:09:02 GMT)
Package: initramfs-tools
Version: 0.136ubuntu6.7
A vulnerability was identified in mkinitramfs that could lead to a Denial of
Service (DoS) condition on affected systems. Using mkinitramfs with
the environment variable LD_LIBRARY_PATH causes machines to fail to boot
due to missing libraries in the initramfs images. A full report is
attached.
Information forwarded
to debian-bugs-dist@lists.debian.org, Debian kernel team <debian-kernel@lists.debian.org>: Bug#1087697; Package initramfs-tools.
(Sun, 17 Nov 2024 19:33:01 GMT)
Acknowledgement sent
to Salvatore Bonaccorso <carnil@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian kernel team <debian-kernel@lists.debian.org>.
(Sun, 17 Nov 2024 19:33:01 GMT)
To: Matan Liber <matan@pentera.io>, 1087697@bugs.debian.org
Cc: submit@bugs.debian.org
Subject: Re: Bug#1087697: Mkinitramfs causes machines to fail booting when used with LD_LIBRARY_PATH
Date: Sun, 17 Nov 2024 20:29:49 +0100
Control: notfound -1 0.136ubuntu6.7
Control: found -1 0.145
FWIW, this is similar to what was handled in #944929 fixed with commit
e2ad67899850 ("hook-functions: preloaded libraries should not end up
in the initramfs").
Regards,
Salvatore
No longer marked as found in versions 0.136ubuntu6.7.
Request was from Salvatore Bonaccorso <carnil@debian.org>
to submit@bugs.debian.org.
(Sun, 17 Nov 2024 19:33:01 GMT)
Marked as found in versions initramfs-tools/0.145.
Request was from Salvatore Bonaccorso <carnil@debian.org>
to submit@bugs.debian.org.
(Sun, 17 Nov 2024 19:33:02 GMT)
Information forwarded
to debian-bugs-dist@lists.debian.org, Debian kernel team <debian-kernel@lists.debian.org>: Bug#1087697; Package initramfs-tools.
(Sun, 17 Nov 2024 19:33:02 GMT)
Acknowledgement sent
to Salvatore Bonaccorso <carnil@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian kernel team <debian-kernel@lists.debian.org>.
(Sun, 17 Nov 2024 19:33:02 GMT)
Information forwarded
to debian-bugs-dist@lists.debian.org, Debian kernel team <debian-kernel@lists.debian.org>: Bug#1087697; Package initramfs-tools.
(Sun, 24 Nov 2024 20:51:01 GMT)
Acknowledgement sent
to Ben Hutchings <ben@decadent.org.uk>:
Extra info received and forwarded to list. Copy sent to Debian kernel team <debian-kernel@lists.debian.org>.
(Sun, 24 Nov 2024 20:51:01 GMT)
On Sun, 17 Nov 2024 14:04:54 +0200 Matan Liber <matan@pentera.io>
wrote:
> Package: initramfs-tools
> Version: 0.136ubuntu6.7
>
> A vulnerability was identified in mkinitramfs that could lead to a Denial
> of Service (DoS) condition on affected systems. Using mkinitramfs with
> the environment variable LD_LIBRARY_PATH causes machines to fail to boot
> due to missing libraries in the initramfs images. A full report is
> attached.
This isn't a security vulnerability. If an attacker can control
LD_LIBRARY_PATH for a user session then they can already cause
arbitrary code to be run as that user.
I may address this as an issue of robustness, but it's not going to
have a high priority.
Ben.
--
Ben Hutchings
Any smoothly functioning technology is indistinguishable
from a rigged demo.
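Two defender-side checks for the failure mode in Matan's report, added here as an example rather than initramfs-tools' own code: refuse to build while LD_LIBRARY_PATH or LD_PRELOAD is set, and scan ldd output for libraries that resolved outside the standard library directories or were not found at all. The trusted-directory list, the ldd line format and the sample ldd lines are assumptions constructed for this example.

```shell
# Added example, not initramfs-tools code: with LD_LIBRARY_PATH/LD_PRELOAD
# set, ldd resolves libraries to paths that mkinitramfs copies verbatim but
# the boot-time loader never searches, so the image boots with them "missing".

# Assumed set of directories the loader searches at boot; adjust per distro.
TRUSTED_LIB_DIRS="/lib /lib32 /lib64 /usr/lib /usr/lib32 /usr/lib64"

# Succeeds only when neither loader override variable is set; run it before
# mkinitramfs, or build with: env -u LD_LIBRARY_PATH -u LD_PRELOAD mkinitramfs
check_build_env() {
    [ -z "${LD_LIBRARY_PATH:-}" ] && [ -z "${LD_PRELOAD:-}" ]
}

# is_trusted_lib PATH: succeeds when PATH lies below a trusted directory.
is_trusted_lib() {
    for d in $TRUSTED_LIB_DIRS; do
        case "$1" in
            "$d"/*) return 0 ;;
        esac
    done
    return 1
}

# Reads ldd output on stdin, prints each library that resolved outside the
# trusted directories or was not found at all; fails if any were seen.
# Usage: ldd /usr/bin/cryptsetup | untrusted_libs_from_ldd
untrusted_libs_from_ldd() {
    found=0
    while IFS= read -r line; do
        case "$line" in
            *" => not found"*)
                printf 'not found: %s\n' "${line%% => *}"; found=1; continue ;;
            *" => "/*)
                lib=${line#* => }; lib=${lib%% *} ;;
            *) continue ;;   # vdso and the loader itself carry no "=>"
        esac
        if ! is_trusted_lib "$lib"; then
            printf 'outside trusted dirs: %s\n' "$lib"; found=1
        fi
    done
    return "$found"
}

# Constructed sample: ldd output for a binary when LD_LIBRARY_PATH pointed
# at /tmp/mylibs during the build (addresses are made up).
SAMPLE_LDD='	linux-vdso.so.1 (0x00007ffd1a3f0000)
	libc.so.6 => /tmp/mylibs/libc.so.6 (0x00007f0c1b200000)
	libm.so.6 => /lib/x86_64-linux-gnu/libm.so.6 (0x00007f0c1b100000)
	/lib64/ld-linux-x86-64.so.2 (0x00007f0c1b400000)'
```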