Re: [PATCH 1/2] auditsc: audit_krule mask accesses need bounds checking

From: Greg KH
Date: Mon Jun 09 2014 - 18:27:17 EST


On Wed, May 28, 2014 at 11:09:58PM -0400, Eric Paris wrote:
> From: Andy Lutomirski <luto@xxxxxxxxxxxxxx>
>
> Fixes an easy DoS and possible information disclosure.
>
> This does nothing about the broken state of x32 auditing.
>
> eparis: If the admin has enabled auditd and has specifically loaded audit
> rules. This bug has been around since before git. Wow...
>
> Cc: stable@xxxxxxxxxxxxxxx
> Signed-off-by: Andy Lutomirski <luto@xxxxxxxxxxxxxx>
> Signed-off-by: Eric Paris <eparis@xxxxxxxxxx>
> ---
> kernel/auditsc.c | 27 ++++++++++++++++++---------
> 1 file changed, 18 insertions(+), 9 deletions(-)

Did this patch get dropped somewhere? Isn't it a valid bugfix, or did I
miss a later conversation about this?

thanks,

greg k-h
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/