oss-sec mailing list archives
Re: CVE request: Linux kernel DoS with syscall auditing
From: Andy Lutomirski <luto () amacapital net>
Date: Wed, 28 May 2014 15:30:04 -0700
On Wed, May 28, 2014 at 3:03 PM, Greg KH <greg () kroah com> wrote:
On Wed, May 28, 2014 at 02:51:16PM -0700, Andy Lutomirski wrote:On Wed, May 28, 2014 at 2:53 PM, Greg KH <greg () kroah com> wrote:On Wed, May 28, 2014 at 02:45:59PM -0700, Andy Lutomirski wrote:Issuing a system call with a random large number will OOPS, depending on configuration. A configuration that will enable this bug is: # auditctl -a exit,always -S open No privilege whatsoever is required to trigger the OOPS. It's possible that this can be extended to more than just a DoS -- with some care and willingness to exploit timing attacks, this is a read of arbitrary single bits in kernel memory.Is there a kernel fix for this anywhere?No, but there will be soon.Great, I see the thread on lkml now, thanks for the heads up.The correct fix is, IMO, CONFIG_AUDITSYSCALL=n. That code is garbage.No argument from me there...
Patch here: https://lkml.kernel.org/g/<833bd6cb411ad1d4e293629c6c34c4abca27a840.1401315521.git.luto () amacapital net> it's not the best-tested thing in the world. --Andy
Current thread:
- CVE request: Linux kernel DoS with syscall auditing Andy Lutomirski (May 28)
- Re: CVE request: Linux kernel DoS with syscall auditing Greg KH (May 28)
- Re: CVE request: Linux kernel DoS with syscall auditing Andy Lutomirski (May 28)
- Re: CVE request: Linux kernel DoS with syscall auditing Greg KH (May 28)
- Re: CVE request: Linux kernel DoS with syscall auditing Andy Lutomirski (May 28)
- Re: CVE request: Linux kernel DoS with syscall auditing Andy Lutomirski (May 28)
- Re: CVE request: Linux kernel DoS with syscall auditing Greg KH (May 28)
- Re: CVE request: Linux kernel DoS with syscall auditing Steve Grubb (May 28)
- Re: CVE request: Linux kernel DoS with syscall auditing Andy Lutomirski (May 28)
- Re: CVE request: Linux kernel DoS with syscall auditing cve-assign (May 29)
- Re: Re: CVE request: Linux kernel DoS with syscall auditing Steve Grubb (May 29)
- Re: CVE request: Linux kernel DoS with syscall auditing P J P (May 29)