blob: b4500667a06a5e9a9059d8ed0271ab744462d595 [file] [log] [blame]
<?xml version="1.0" encoding="utf-8"?>
<glsa id="200807-14">
<title>Linux Audit: Buffer overflow</title>
A buffer overflow vulnerability in Linux Audit may allow local attackers to
execute arbitrary code.
<product type="ebuild">audit</product>
<announced>July 31, 2008</announced>
<revised>July 31, 2008: 01</revised>
<package name="sys-process/audit" auto="yes" arch="*">
<unaffected range="ge">1.7.3</unaffected>
<vulnerable range="lt">1.7.3</vulnerable>
Linux Audit is a set of userspace utilities for storing and processing
auditing records.
A stack-based buffer overflow has been reported in the
audit_log_user_command() function in the file lib/audit_logging.c when
processing overly long arguments.
<impact type="normal">
A local attacker could execute a specially crafted command on the host
running Linux Audit, possibly resulting in the execution of arbitrary
code with the privileges of the user running Linux Audit.
There is no known workaround at this time.
All Linux Audit users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose &quot;&gt;=sys-process/audit-1.7.3&quot;</code>
<uri link="">CVE-2008-1628</uri>
<metadata tag="submitter" timestamp="Mon, 21 Jul 2008 20:07:20 +0000">
<metadata tag="bugReady" timestamp="Mon, 21 Jul 2008 20:07:28 +0000">