Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 4 Nov 2015 10:11:16 -0500 (EST)
From: Vladis Dronov <vdronov@...hat.com>
To: oss-security@...ts.openwall.com
Cc: Petr Matousek <pmatouse@...hat.com>
Subject: CVE request -- Linux kernel: selinux: rate-limit unrecognized
 netlink message warnings in selinux_nlmsg_perm()

It was found that the kernel produces unlimited number of warning
messages in case certain malformed NETLINK packets are received.

A local, unprivileged user could generate such packets unlimitedly
and potentially flood the kernel and the system log with excessive
warning messages.

Upstream patch proposal:
http://article.gmane.org/gmane.linux.kernel.lsm/25958

References:
https://bugzilla.redhat.com/show_bug.cgi?id=1278005

Thanks,
Vladis

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ