Closed
Bug 953993
(CVE-2014-1484)
Opened 10 years ago
Closed 10 years ago
Fennec leaks profile path to logcat
Categories
(Firefox for Android Graveyard :: General, defect)
Tracking
(firefox26 wontfix, firefox27 fixed, firefox28 fixed, firefox29 fixed, firefox-esr24 unaffected)
RESOLVED
FIXED
Firefox 29
| Tracking | Status | |
|---|---|---|
| firefox26 | --- | wontfix |
| firefox27 | --- | fixed |
| firefox28 | --- | fixed |
| firefox29 | --- | fixed |
| firefox-esr24 | --- | unaffected |
People
(Reporter: rnewman, Assigned: rnewman)
References
Details
(Keywords: csectype-disclosure, sec-moderate, Whiteboard: [adv-main27+])
Attachments
(1 file)
|
4.17 KB,
patch
|
mfinkle
:
review+
lsblakk
:
approval-mozilla-aurora+
lsblakk
:
approval-mozilla-beta+
|
Details | Diff | Splinter Review |
Kinda makes Bug 944373 unnecessary! Log.d(LOGTAG, "Found profile dir: " + mProfileDir.getAbsolutePath()); 12-29 21:40:07.011 D/GeckoProfile( 5655): Found profile dir: /data/data/org.mozilla.fennec_rnewman/files/mozilla/$hash.default
|
Assignee | |
Comment 1•10 years ago
|
||
Please note that I also used this vulnerability in the exploit of bug #944374. Also note that reading the logs of other apps is impossible in Jelly Bean and above.
|
||
Updated•10 years ago
|
Attachment #8352340 -
Flags: review?(mark.finkle) → review+
|
|
Assignee | |
Comment 3•10 years ago
|
||
https://hg.mozilla.org/integration/fx-team/rev/d531cccd308c
Target Milestone: --- → Firefox 29
|
|
Assignee | |
Comment 4•10 years ago
|
||
Comment on attachment 8352340 [details] [diff] [review] Proposed patch. v1 [Approval Request Comment] Bug caused by (feature/regressing bug #): Long time. User impact if declined: Profile paths leak to system log, which on less-modern Android versions gives other applications a head-start on fishing files (e.g., password databases) out of the user's profile directory. Testing completed (on m-c, etc.): Tested locally. Just landed. Risk to taking this patch (and alternatives if risky): ~0. Logging-only changes. String or IDL/UUID changes made by this patch: None.
Attachment #8352340 -
Flags: approval-mozilla-beta?
Attachment #8352340 -
Flags: approval-mozilla-aurora?
|
||
Comment 5•10 years ago
|
||
https://hg.mozilla.org/mozilla-central/rev/d531cccd308c
Status: ASSIGNED → RESOLVED
Closed: 10 years ago
status-firefox27:
--- → affected
status-firefox28:
--- → affected
status-firefox29:
--- → fixed
Resolution: --- → FIXED
|
||
Updated•10 years ago
|
Attachment #8352340 -
Flags: approval-mozilla-beta?
Attachment #8352340 -
Flags: approval-mozilla-beta+
Attachment #8352340 -
Flags: approval-mozilla-aurora?
Attachment #8352340 -
Flags: approval-mozilla-aurora+
|
|
Assignee | |
Comment 6•10 years ago
|
||
https://hg.mozilla.org/releases/mozilla-aurora/rev/fe438b8e6dc5 https://hg.mozilla.org/releases/mozilla-beta/rev/4efbfe0c7320
|
||
Updated•10 years ago
|
status-firefox-esr24:
--- → unaffected
|
|
||
Updated•10 years ago
|
status-firefox26:
--- → wontfix
Whiteboard: [adv-main27+]
|
|
||
Updated•10 years ago
|
Alias: CVE-2014-1484
|
||
Updated•10 years ago
|
|
|
||
Updated•9 years ago
|
Group: core-security
|
||
Updated•3 years ago
|
Product: Firefox for Android → Firefox for Android Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•