On Mon, Oct 10, 2005 at 09:45:01PM +0200, Moritz Muehlenhoff wrote:> Hi, > I found this in an Ubuntu advisory, no CVE assignment seems yet to have > been made. > > Robert Derr discovered a memory leak in the system call auditing code. > On a kernel which has the CONFIG_AUDITSYSCALL option enabled, this > leads to memory exhaustion and eventually a Denial of Service. A local > attacker could also speed this up by excessively calling system calls. > This only affects customized kernels built from the kernel source > packages. The standard Ubuntu kernel does not have the > CONFIG_AUDITSYSCALL option enabled, and is therefore not affected by > this. > (http://kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=829841146878e082613a49581ae252c071057c23)Thanks, I have put that in here for now http://svn.debian.org/wsvn/kernel/people/horms/patch_notes/misc/auditsyscall_leak?op=file&rev=0&sc=0 -- Horms
Moritz Muehlenhoff
2006-Mar-13 12:28 UTC
[Secure-testing-team] Another kernel vulnerability
Hi,
I found this in an Ubuntu advisory, no CVE assignment seems yet to have
been made.
Robert Derr discovered a memory leak in the system call auditing code.
On a kernel which has the CONFIG_AUDITSYSCALL option enabled, this
leads to memory exhaustion and eventually a Denial of Service. A local
attacker could also speed this up by excessively calling system calls.
This only affects customized kernels built from the kernel source
packages. The standard Ubuntu kernel does not have the
CONFIG_AUDITSYSCALL option enabled, and is therefore not affected by
this.
(http://kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=829841146878e082613a49581ae252c071057c23)
Cheers,
Moritz