Date: Thu, 25 Feb 2021 21:48:38 +0100 From: Salvatore Bonaccorso <carnil@...ian.org> To: oss-security@...ts.openwall.com Cc: Steve Grubb <sgrubb@...hat.com>, Felix Kosterhon <felix.kosterhon@...uinfra.com> Subject: Re: Vulnerability in the Linux Audit Framework Auditd Hi, On Thu, Feb 18, 2021 at 03:52:54PM +0000, Felix Kosterhon wrote: > Hello Mr. Grubb, > > thank you for your insight. > First and foremost we would like to clarify that our intent is not > to put blame on anyone but to improve the level of security for the > affected systems and the organisations utilising Auditd. > According to the rules.conf manual page, file-watch rules are meant > to monitor any accesses to files based on their permission level. > For the syscalls mentioned in this report this is not the case. > > RedHat Inc. shares our perspective on this issue and has assigned a > CVE for the vulnerability. Additionally they informed us that they > will work together with the Upstream Linux Kernel Developers on > behalf of fixing this issue. Is there a reference to this which can be followed/tracked? Asking because the Red Hat bugzilla entry for CVE-2020-35501 for now would still be restricted, but would like to get a better idea on how to track this issue within Debian. Regards, Salvatore
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.