Bug 1251621 (CVE-2015-5186) - CVE-2015-5186 Audit: log terminal emulator escape sequences handling
Summary: CVE-2015-5186 Audit: log terminal emulator escape sequences handling
Keywords:
Status: CLOSED WONTFIX
Alias: CVE-2015-5186
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: medium
Severity: medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1400791
Blocks: 1251622 1386080
Reported: 2015-08-07 23:54 UTC by Kurt Seifried
Modified: 2023-05-12 19:52 UTC

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2019-07-12 13:04:00 UTC
Embargoed:


Attachments
Patch fixing unescaped control characters (27.04 KB, patch)
2015-08-10 23:39 UTC, Steve Grubb

Description Kurt Seifried 2015-08-07 23:54:44 UTC
Steve Grubb of Red Hat reports:

When auditing the filesystem, the names of files are logged. These filenames 
can contain escape sequences; when viewed using the ausearch program's "-i" 
option, for example, this can result in the escape sequences being processed 
unsafely by the terminal program being used to view the data.
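
The defensive pattern for the problem described above, as an added example that is not the attached patch and not code from the audit project: escape every non-printable byte of a logged file name before it is written to a terminal. The function name `escape_for_tty`, the octal escape format and the sample file name are assumptions made for this illustration.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical helper, not taken from the audit source. Copies `in` to `out`,
 * replacing every byte outside printable ASCII (0x20..0x7E), and the backslash
 * itself, with a three-digit octal escape such as \033. Non-ASCII (UTF-8)
 * bytes are escaped too, which is lossy for display, but nothing reaches the
 * terminal as a control code. Returns the length written, or -1 if `out`
 * is too small. */
static int escape_for_tty(const char *in, char *out, size_t outlen)
{
    size_t o = 0;

    if (outlen == 0)
        return -1;
    for (const unsigned char *p = (const unsigned char *)in; *p; p++) {
        int printable = (*p >= 0x20 && *p <= 0x7e && *p != '\\');
        size_t need = printable ? 1 : 4;

        if (o + need + 1 > outlen)      /* keep room for the final NUL */
            return -1;
        if (printable)
            out[o++] = (char)*p;
        else
            o += (size_t)snprintf(out + o, outlen - o, "\\%03o", (unsigned)*p);
    }
    out[o] = '\0';
    return (int)o;
}

int main(void)
{
    /* Constructed sample: a file name carrying an SGR colour sequence
     * (ESC [ 31 m) and a trailing newline. */
    const char *name = "notes\033[31m.txt\n";
    char safe[128];

    if (escape_for_tty(name, safe, sizeof safe) < 0)
        return 1;
    printf("name=%s\n", safe);
    return 0;
}
```

Escaping the backslash as well keeps the output unambiguous, so a file name that literally contains the text `\033` cannot be confused with an escaped ESC byte.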

Comment 1 Steve Grubb 2015-08-10 23:39:56 UTC
Created attachment 1061284
Patch fixing unescaped control characters

This patch will be applied upstream. Please share with other distributions. The older the audit package, the more likely they will have problems backporting.

Comment 2 Kurt Seifried 2015-08-13 20:58:44 UTC
This has been corrected upstream with the following commit:

https://fedorahosted.org/audit/changeset/1122

Comment 4 Kurt Seifried 2015-08-26 14:35:00 UTC
Acknowledgement:

This issue was discovered by Steve Grubb of Red Hat.

Comment 9 Product Security DevOps Team 2019-07-12 13:04:00 UTC
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2015-5186

