[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-Id: <cover.1401327752.git.luto@amacapital.net>
Date: Wed, 28 May 2014 18:43:59 -0700
From: Andy Lutomirski <luto@...capital.net>
To: Andy Lutomirski <luto@...capital.net>,
Philipp Kern <pkern@...gle.com>,
"H. Peter Anvin" <hpa@...ux.intel.com>,
linux-kernel@...r.kernel.org, "H. J. Lu" <hjl.tools@...il.com>,
Eric Paris <eparis@...hat.com>, security@...nel.org,
greg@...ah.com, linux-audit@...hat.com
Subject: [PATCH v2 0/2] Fix auditsc DoS and mark it BROKEN
CONFIG_AUDITSYSCALL is awful. Patch 2 enumerates some reasons.
Patch 1 fixes a nasty DoS and possible information leak. It should
be applied and backported.
Patch 2 is optional. I leave it to other peoples' judgment.
Andy Lutomirski (2):
auditsc: audit_krule mask accesses need bounds checking
audit: Move CONFIG_AUDITSYSCALL into staging and update help text
Andy Lutomirski (2):
auditsc: audit_krule mask accesses need bounds checking
audit: Mark CONFIG_AUDITSYSCALL BROKEN and update help text
init/Kconfig | 13 ++++++++-----
kernel/auditsc.c | 27 ++++++++++++++++++---------
2 files changed, 26 insertions(+), 14 deletions(-)
--
1.9.3
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists