
List:       oss-security
Subject:    Re: [oss-security] Vulnerability in the Linux Audit Framework Auditd
From:       Salvatore Bonaccorso <carnil () debian ! org>
Date:       2021-02-25 20:48:38
Message-ID: YDgNJsbBFtYumXCp () eldamar ! lan

Hi,

On Thu, Feb 18, 2021 at 03:52:54PM +0000, Felix Kosterhon wrote:
> Hello Mr. Grubb,
>  
> thank you for your insight.
> First and foremost we would like to clarify that our intent is not
> to put blame on anyone but to improve the level of security for the
> affected systems and the organisations utilising Auditd.
> According to the rules.conf manual page, file-watch rules are meant
> to monitor any accesses to files based on their permission level.
> For the syscalls mentioned in this report this is not the case.
>  
> RedHat Inc. shares our perspective on this issue and has assigned a
> CVE for the vulnerability. Additionally they informed us that they
> will work together with the Upstream Linux Kernel Developers on
> behalf of fixing this issue.

Is there a reference to this which can be followed/tracked? Asking
because the Red Hat bugzilla entry for CVE-2020-35501 for now would
still be restricted, but would like to get a better idea on how to
track this issue within Debian.

Regards,
Salvatore