Bugzilla – Bug 49082
VUL-0: CVE-2004-0972: lvm: tmp file handling
Last modified: 2021-10-04 08:29:27 UTC
A customer reported a security problem with a shell script.
verbose "using $DEVRAM as a temporary loopback file"
#thx for that info
dd if=/dev/zero of=$DEVRAM count=$INITRDSIZE bs=1024 > /dev/null 2>&1
How/when is this script used?
If the user calls it.
So, we need an update. I will attach the patchinfo files in the next few
You are aware that everybody who calls this script on a SuSE system will
render his system unbootable anyway? This script is part of the regular LVM
distribution and creates an initrd that is able to use LVM as root filesystem.
I am almost completely sure that it will not work on a SuSE system.
On SuSE, LVM as root works out of the box when configured by YaST2. The only
reason I added this script is for people to look at it as an example if they
want to create their own initrd for some special reason.
If this script serves as an example, can you add a comment to it
about the insecurity of the file creation for STABLE please.
If done, please close this entry.
The only lvm relevant on STABLE is lvm2 (which does not contain such
a script at all). Probably plain old lvm is still present but it will not be
available on a distribution based on kernel 2.6 since lvm1 will never be ported
to kernel 2.6 and lvm2 is able to read the on-disk information of old lvm.
Anyway, I removed the script from the lvm package on STABLE; since YaST2/mk_initrd
is able to create an initrd suitable for LVM root, it has lost its value anyway.
People should better look into mk_initrd if they need to create a special
CVE-2004-0972: CVSS v2 Base Score: 2.1 (AV:L/AC:L/Au:N/C:N/I:P/A:N)
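A hardened form of the dd step quoted in the report, added here as an example; it is not code from the lvm package or from this bug thread. It assumes the weakness is a $DEVRAM path with a predictable name in a shared directory such as /tmp (the assignment is not shown on this page); make_workdir, create_image and the lvm_initrd.* template are hypothetical names.

```shell
#!/bin/sh
# Added example (not the lvm package's code): build the loopback image inside
# a private directory instead of at a predictable path in a shared one.

# Create a work directory with an unpredictable name. mktemp -d creates it
# atomically with mode 0700, so no other unprivileged user can place files
# or symlinks inside it. Prints the directory path.
make_workdir() {
    mktemp -d "${TMPDIR:-/tmp}/lvm_initrd.XXXXXXXXXX"
}

# create_image WORKDIR SIZE_KB
# Write a zero-filled image of SIZE_KB kilobytes into WORKDIR and print its
# path. Returns non-zero without writing if WORKDIR is not a real directory
# owned by the caller, or if the image name is already taken.
create_image() {
    workdir=$1
    size_kb=$2

    # The directory must exist, must not be a symlink, and must be ours.
    [ -d "$workdir" ] && [ ! -L "$workdir" ] && [ -O "$workdir" ] || return 1

    img="$workdir/initrd.img"

    # Refuse any pre-existing entry, including a dangling symlink
    # (-e follows symlinks, -L catches the link itself).
    if [ -e "$img" ] || [ -L "$img" ]; then
        return 1
    fi

    # umask 077 in a subshell: the image is created 0600 without changing
    # the caller's umask.
    ( umask 077 && dd if=/dev/zero of="$img" count="$size_kb" bs=1024 \
        > /dev/null 2>&1 ) || { rm -f -- "$img"; return 1; }

    printf '%s\n' "$img"
}
```

A caller would run `wd=$(make_workdir) || exit 1`, register `trap 'rm -rf -- "$wd"' EXIT`, and then use `DEVRAM=$(create_image "$wd" "$INITRDSIZE")`.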