[PATCH v2 0/2] Fix auditsc DoS and mark it BROKEN
From: Andy Lutomirski
Date: Wed May 28 2014 - 21:44:40 EST
CONFIG_AUDITSYSCALL is awful. Patch 2 enumerates some reasons.
Patch 1 fixes a nasty DoS and possible information leak. It should
be applied and backported.
Patch 2 is optional. I leave it to other peoples' judgment.
Andy Lutomirski (2):
auditsc: audit_krule mask accesses need bounds checking
audit: Move CONFIG_AUDITSYSCALL into staging and update help text
Andy Lutomirski (2):
auditsc: audit_krule mask accesses need bounds checking
audit: Mark CONFIG_AUDITSYSCALL BROKEN and update help text
init/Kconfig | 13 ++++++++-----
kernel/auditsc.c | 27 ++++++++++++++++++---------
2 files changed, 26 insertions(+), 14 deletions(-)
--
1.9.3
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/