[PATCH v5] audit: log nftables configuration change events once per table
Pablo Neira Ayuso
pablo at netfilter.org
Wed Mar 31 20:22:30 UTC 2021
On Fri, Mar 26, 2021 at 01:38:59PM -0400, Richard Guy Briggs wrote:
> Reduce logging of nftables events to a level similar to iptables.
> Restore the table field to list the table, adding the generation.
>
> Indicate the op as the most significant operation in the event.
There's a UAF, Florian reported. I'm attaching an incremental fix.
nf_tables_commit_audit_collect() refers to the trans object which
might have been already released.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: fix-uaf.patch
Type: text/x-diff
Size: 1079 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/linux-audit/attachments/20210331/56726602/attachment.bin>