When the audit=1 kernel parameter is absent and auditd is not running,
AUDIT_USER_AVC messages are being silently discarded.
AUDIT_USER_AVC messages should be sent to userspace using printk(), as
mentioned in the commit message of 4a4cd633 ("AUDIT: Optimise the
audit-disabled case for discarding user messages").
When audit_enabled is 0, audit_receive_msg() discards all user messages
except for AUDIT_USER_AVC messages. However, audit_log_common_recv_msg()
refuses to allocate an audit_buffer if audit_enabled is 0. The fix is to
special case AUDIT_USER_AVC messages in both functions.
It looks like commit 50397bd1 ("[AUDIT] clean up audit_receive_msg()")
introduced this bug.
Cc: <email address hidden> # v2.6.25+
Signed-off-by: Tyler Hicks <email address hidden>
Cc: Al Viro <email address hidden>
Cc: Eric Paris <email address hidden>
Cc: <email address hidden>
Acked-by: Kees Cook <email address hidden>
Signed-off-by: Richard Guy Briggs <email address hidden>
Signed-off-by: Eric Paris <email address hidden>
(cherry picked from commit 0868a5e150bc4c47e7a003367cd755811eb41e0b)
Signed-off-by: Tim Gardner <email address hidden>
Ignore: yes
Signed-off-by: Andy Whitcroft <email address hidden>
f541202...
by
"Wang, Xiaoming" <email address hidden>
net: ipv4: current group_info should be put after using.
Plug a group_info refcount leak in ping_init.
group_info is only needed during initialization and
the code failed to release the reference on exit.
While here move grabbing the reference to a place
where it is actually needed.
Signed-off-by: Chuansheng Liu <email address hidden>
Signed-off-by: Zhang Dongxing <email address hidden>
Signed-off-by: xiaoming wang <email address hidden>
Signed-off-by: David S. Miller <email address hidden>
(backported from commit b04c46190219a4f845e46a459e3102137b7f6cac)
Conflicts:
net/ipv4/ping.c
CVE-2014-2851
BugLink: http://bugs.launchpad.net/bugs/1312994
Signed-off-by: Tyler Hicks <email address hidden>
Signed-off-by: Andy Whitcroft <email address hidden>