[go: up one dir, main page]
|
|
Log in / Subscribe / Register

[PATCH v2 0/2] Fix auditsc DoS and mark it BROKEN

[Posted May 29, 2014 by corbet]

From:  Andy Lutomirski <luto-AT-amacapital.net>
To:  Andy Lutomirski <luto-AT-amacapital.net>, Philipp Kern <pkern-AT-google.com>, "H. Peter Anvin" <hpa-AT-linux.intel.com>, linux-kernel-AT-vger.kernel.org, "H. J. Lu" <hjl.tools-AT-gmail.com>, Eric Paris <eparis-AT-redhat.com>, security-AT-kernel.org, greg-AT-kroah.com, linux-audit-AT-redhat.com
Subject:  [PATCH v2 0/2] Fix auditsc DoS and mark it BROKEN
Date:  Wed, 28 May 2014 18:43:59 -0700
Message-ID:  <cover.1401327752.git.luto@amacapital.net>
Archive‑link:  Article

CONFIG_AUDITSYSCALL is awful.  Patch 2 enumerates some reasons.

Patch 1 fixes a nasty DoS and possible information leak.  It should
be applied and backported.

Patch 2 is optional.  I leave it to other peoples' judgment.

Andy Lutomirski (2):
  auditsc: audit_krule mask accesses need bounds checking
  audit: Move CONFIG_AUDITSYSCALL into staging and update help text

Andy Lutomirski (2):
  auditsc: audit_krule mask accesses need bounds checking
  audit: Mark CONFIG_AUDITSYSCALL BROKEN and update help text

 init/Kconfig     | 13 ++++++++-----
 kernel/auditsc.c | 27 ++++++++++++++++++---------
 2 files changed, 26 insertions(+), 14 deletions(-)

-- 
1.9.3

to post comments


Copyright © 2014, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds