|
Message-ID: <alpine.LFD.2.10.1405291823090.18896@wniryva.cad.erqung.pbz> Date: Thu, 29 May 2014 18:34:16 +0530 (IST) From: P J P <ppandit@...hat.com> To: oss security list <oss-security@...ts.openwall.com> Subject: Re: CVE request: Linux kernel DoS with syscall auditing -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 +-- On Wed, 28 May 2014, Andy Lutomirski wrote --+ | # auditctl -a exit,always -S open | No privilege whatsoever is required to trigger the OOPS. I don't mean to nitpick but privileges would be required to add system call audit rules using auditctl(8). Mentioning it here as that's a precondition to trigger the said OOPS. Thank you. - -- Prasad J Pandit / Red Hat Product Security Team 47AF CE69 3A90 54AA 9045 1053 DD13 3D32 FE5B 041F -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJThzBQAAoJEN0TPTL+WwQfM8wP/i4S9d5veuZ1n8YZDP9baTJs vrBRy0t82/emDthALbI0laWB1vSK2VepckMzl65fmlm9bDveKADTvjjijdEvbxoR KerSYoqIoMrZpbACGDyr8y0YIen39QiJhXdgHWukCJu6KxhQpgA5MlF6V4HEvYG/ d4wllITmxhihlQmdoq9HmCSkMxrWOAWiWkHxR+5XD4pNgUGtXMMzg1oadS1WQ4UK t8K3ScEyo58FUsz5QiJtLcKC5X+KFlmKpf7uJgkFGWjWOiEj/O+p4n5aKyv6isBC Jo967Gn1sN07VCcGZB60szliT8Fr57m4SETtadzNBnaInk4EXhmglMYi0suyHgPS BuLVhf00zVT2QSLE1YFONQxjrZYaF2LatjKySZ0tegEYTv1LBWCpUW+5sIZQBHa/ 2pxFbPi4TpfCckW/mP2gmElopv+rYHzkI4XrAxdKo91kZlFNM192n1LpthWcCQ5V EPT8iUt0wHhUoC9d2PxP1oQvSPpyUGLghSupOFBOW1Tm5aBpt0dP0BzXtGZl2qHc c+2cwpj3INQfIKdEwQsev8YscjxDrReBRK57fyKr9xKvhkNd2uRMjeSjS30tCIEw obgeJbPZNts/nMiKgb7SM3vXaJpHVxvOa8yW4hl/GaRYb3Gurjv7Z27iHiQa9utb 3/jZ68Ww1yfp/28Ng4jw =df0E -----END PGP SIGNATURE-----
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.