[PATCH 1/2] auditsc: audit_krule mask accesses need bounds checking

Greg KH gregkh at linuxfoundation.org
Mon Jun 9 22:30:57 UTC 2014


On Wed, May 28, 2014 at 11:09:58PM -0400, Eric Paris wrote:
> From: Andy Lutomirski <luto at amacapital.net>
> 
> Fixes an easy DoS and possible information disclosure.
> 
> This does nothing about the broken state of x32 auditing.
> 
> eparis: If the admin has enabled auditd and has specifically loaded audit
> rules.  This bug has been around since before git.  Wow...
> 
> Cc: stable at vger.kernel.org
> Signed-off-by: Andy Lutomirski <luto at amacapital.net>
> Signed-off-by: Eric Paris <eparis at redhat.com>
> ---
>  kernel/auditsc.c | 27 ++++++++++++++++++---------
>  1 file changed, 18 insertions(+), 9 deletions(-)

Did this patch get dropped somewhere?  Isn't it a valid bugfix, or did I
miss a later conversation about this?

thanks,

greg k-h



