[Trusty][CVE-2014-3917] (upstream) auditsc: audit_krule mask accesses need bounds checking
Tim Gardner
tim.gardner at canonical.com
Thu Jul 24 20:06:50 UTC 2014
On 07/24/2014 01:36 PM, Rafael David Tinoco wrote:
> From 99424193549932e0b54a41c349a1aabbe85160be Mon Sep 17 00:00:00 2001
> From: Andy Lutomirski <luto at amacapital.net>
> Date: Wed, 28 May 2014 23:09:58 -0400
> Subject: auditsc: audit_krule mask accesses need bounds checking
>
> CVE-2014-3917
>
> BugLink: http://bugs.launchpad.net/bugs/1302605
>
> auditsc: audit_krule mask accesses need bounds checking
>
> Fixes an easy DoS and possible information disclosure.
>
> This does nothing about the broken state of x32 auditing.
>
> eparis: If the admin has enabled auditd and has specifically loaded
> audit rules. This bug has been around since before git. Wow...
>
> OriginalAuthor: Andy Lutomirski <luto at amacapital.net>
> Signed-off-by: Andy Lutomirski <luto at amacapital.net>
> (cherry-picked from commit a3c54931199565930d6d84f4c3456f6440aefd41 v3.16-rc6)
> Signed-off-by: Eric Paris <eparis at redhat.com>
> Signed-off-by: Linus Torvalds <torvalds at linux-foundation.org>
> Signed-off-by: Rafael David Tinoco <rafael.tinoco at canonical.com>
> ---
> kernel/auditsc.c | 27 ++++++++++++++++++---------
> 1 file changed, 18 insertions(+), 9 deletions(-)
>
This patch is already in trusty master-next.
--
Tim Gardner tim.gardner at canonical.com
More information about the kernel-team
mailing list