Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

Re: Vulnerability in the Linux Audit Framework Auditd

Related Vulnerabilities: CVE-2020-35501  
Source 
                							

                <!--X-Body-Begin-->
<!--X-User-Header-->

oss-sec
mailing list archives
<!--X-User-Header-End-->
<!--X-TopPNI-->

By Date

By Thread

</form>

<!--X-TopPNI-End-->
<!--X-MsgBody-->
<!--X-Subject-Header-Begin-->
Re: Vulnerability in the Linux Audit Framework Auditd

<!--X-Subject-Header-End-->
<!--X-Head-of-Message-->

From: Salvatore Bonaccorso &lt;carnil () debian org&gt;

Date: Thu, 25 Feb 2021 21:48:38 +0100

<!--X-Head-of-Message-End-->
<!--X-Head-Body-Sep-Begin-->

<!--X-Head-Body-Sep-End-->
<!--X-Body-of-Message-->
Hi,

On Thu, Feb 18, 2021 at 03:52:54PM +0000, Felix Kosterhon wrote:
Hello Mr. Grubb,
 
thank you for your insight.
First and foremost we would like to clarify that our intent is not
to put blame on anyone but to improve the level of security for the
affected systems and the organisations utilising Auditd.
According to the rules.conf manual page, file-watch rules are meant
to monitor any accesses to files based on their permission level.
For the syscalls mentioned in this report this is not the case.
 
RedHat Inc. shares our perspective on this issue and has assigned a
CVE for the vulnerability. Additionally they informed us that they
will work together with the Upstream Linux Kernel Developers on
behalf of fixing this issue.

Is there a reference to this which can be followed/tracked? Asking
because the Red Hat bugzilla entry for CVE-2020-35501 for now would
still be restricted, but would like to get a better idea on how to
track this issue within Debian.

Regards,
Salvatore

<!--X-Body-of-Message-End-->
<!--X-MsgBody-End-->
<!--X-Follow-Ups-->

<!--X-Follow-Ups-End-->
<!--X-References-->
<!--X-References-End-->
<!--X-BotPNI-->

By Date

By Thread

Current thread:

Vulnerability in the Linux Audit Framework Auditd Felix Kosterhon (Feb 18)

Re: Vulnerability in the Linux Audit Framework Auditd Steve Grubb (Feb 18)

Re: Vulnerability in the Linux Audit Framework Auditd Felix Kosterhon (Feb 18)

Re: Vulnerability in the Linux Audit Framework Auditd Salvatore Bonaccorso (Feb 25)
Re: Vulnerability in the Linux Audit Framework Auditd Steve Grubb (Mar 02)

<!--X-BotPNI-End-->
<!--X-User-Footer-->
<!--X-User-Footer-End-->

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started