[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    [oss-security] CVE-2014-4508
From:       John Haxby <john.haxby () oracle ! com>
Date:       2020-11-12 18:10:46
Message-ID: 79EF808D-1EB1-496E-875E-003FF44B6B12 () oracle ! com
[Download RAW message or body]

Hello,

This is an old CVE but it was recently "rediscovered" [1].

CVE-2014-4508 is a memory leak in the auditing subsystem in the kernel.  =
On old 32 bit linux kernels that don't have [2] this memory leak turns =
out to be quite bad: you can trigger an out of memory condition that the =
system cannot recover from not matter how hard it tries.

If you believe you have such a kernel, please get in touch with me =
directly.

jch




[1] Thanks to Dan Moulding for bringing this to our attention
[2] 554086d85e71 ("x86_32, entry: Do syscall exit work on badsys =
(CVE-2014-4508)")

["signature.asc" (signature.asc)]

-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org

iHUEAREIAB0WIQT+pxvb11CFWUkNSOVFC7t+lC+jyAUCX616pgAKCRBFC7t+lC+j
yIEsAP9HkdPad4mahCtd8yu7h35qxLYBpLP/HKx2ORorvQKqTgD/XyU55Vd6sSdj
TEFYP3EDrG2PQJMSpbmrPDfL2GjnLgI=
=TBLc
-----END PGP SIGNATURE-----


[prev in list] [next in list] [prev in thread] [next in thread]