Bug 440275 (CVE-2008-1628)
Summary: | CVE-2008-1628 audit: audit_log_user_command() Buffer Overflow | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Tomas Hoger <thoger> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED NEXTRELEASE | QA Contact: | |
Severity: | low | Docs Contact: | |
Priority: | low | ||
Version: | unspecified | CC: | sgrubb |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2008-04-04 07:50:40 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 438840, 438844 | ||
Bug Blocks: |
Description
Tomas Hoger
2008-04-02 15:52:21 UTC
Further clarification from Steve Grubb: Vulnerable function audit_log_user_command() was added in audit 1.4, hence problem exists in Red Hat Enterprise Linux 5.1 and Fedora 7 and later. However, the only application that currently known to use this interface is sudo, and only in version currently in Fedora Rawhide/devel. No application in Red Hat Enterprise Linux 5.1 uses this audit function and is affected by this problem. Additionally, this buffer overflow is caught by FORTIFY_SOURCE, so the privilege escalation is not possible, this only can cause an application crash. Crash of sudo is not considered a security issue. Due to this, this issue will not be treated as security sensitive and will be addressed in updated audit packages in Red Hat Enterprise Linux 5.2 as non-security bug fix. audit-1.6.8-4.fc8 has been pushed to the Fedora 8 stable repository. If problems still persist, please make note of it in this bug report. |