Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 29 May 2014 18:34:16 +0530 (IST)
From: P J P <ppandit@...hat.com>
To: oss security list <oss-security@...ts.openwall.com>
Subject: Re: CVE request: Linux kernel DoS with syscall
 auditing

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

+-- On Wed, 28 May 2014, Andy Lutomirski wrote --+
| # auditctl -a exit,always -S open
| No privilege whatsoever is required to trigger the OOPS.

  I don't mean to nitpick but privileges would be required to add system call 
audit rules using auditctl(8). Mentioning it here as that's a precondition to 
trigger the said OOPS.

Thank you.
- --
Prasad J Pandit / Red Hat Product Security Team
47AF CE69 3A90 54AA 9045 1053 DD13 3D32 FE5B 041F

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBAgAGBQJThzBQAAoJEN0TPTL+WwQfM8wP/i4S9d5veuZ1n8YZDP9baTJs
vrBRy0t82/emDthALbI0laWB1vSK2VepckMzl65fmlm9bDveKADTvjjijdEvbxoR
KerSYoqIoMrZpbACGDyr8y0YIen39QiJhXdgHWukCJu6KxhQpgA5MlF6V4HEvYG/
d4wllITmxhihlQmdoq9HmCSkMxrWOAWiWkHxR+5XD4pNgUGtXMMzg1oadS1WQ4UK
t8K3ScEyo58FUsz5QiJtLcKC5X+KFlmKpf7uJgkFGWjWOiEj/O+p4n5aKyv6isBC
Jo967Gn1sN07VCcGZB60szliT8Fr57m4SETtadzNBnaInk4EXhmglMYi0suyHgPS
BuLVhf00zVT2QSLE1YFONQxjrZYaF2LatjKySZ0tegEYTv1LBWCpUW+5sIZQBHa/
2pxFbPi4TpfCckW/mP2gmElopv+rYHzkI4XrAxdKo91kZlFNM192n1LpthWcCQ5V
EPT8iUt0wHhUoC9d2PxP1oQvSPpyUGLghSupOFBOW1Tm5aBpt0dP0BzXtGZl2qHc
c+2cwpj3INQfIKdEwQsev8YscjxDrReBRK57fyKr9xKvhkNd2uRMjeSjS30tCIEw
obgeJbPZNts/nMiKgb7SM3vXaJpHVxvOa8yW4hl/GaRYb3Gurjv7Z27iHiQa9utb
3/jZ68Ww1yfp/28Ng4jw
=df0E
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.