Date: Wed, 4 Nov 2015 10:11:16 -0500 (EST) From: Vladis Dronov <vdronov@...hat.com> To: oss-security@...ts.openwall.com Cc: Petr Matousek <pmatouse@...hat.com> Subject: CVE request -- Linux kernel: selinux: rate-limit unrecognized netlink message warnings in selinux_nlmsg_perm() It was found that the kernel produces unlimited number of warning messages in case certain malformed NETLINK packets are received. A local, unprivileged user could generate such packets unlimitedly and potentially flood the kernel and the system log with excessive warning messages. Upstream patch proposal: http://article.gmane.org/gmane.linux.kernel.lsm/25958 References: https://bugzilla.redhat.com/show_bug.cgi?id=1278005 Thanks, Vladis
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.