Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Wed, 28 May 2014 14:45:59 -0700
From: Andy Lutomirski <luto@...capital.net>
To: oss-security@...ts.openwall.com
Subject: CVE request: Linux kernel DoS with syscall auditing

Issuing a system call with a random large number will OOPS, depending
on configuration.  A configuration that will enable this bug is:

# auditctl -a exit,always -S open

No privilege whatsoever is required to trigger the OOPS.

It's possible that this can be extended to more than just a DoS --
with some care and willingness to exploit timing attacks, this is a
read of arbitrary single bits in kernel memory.

--Andy

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ