Hi, I found this in an Ubuntu advisory, no CVE assignment seems yet to have been made.
Robert Derr discovered a memory leak in the system call auditing code. On a kernel which has the CONFIG_AUDITSYSCALL option enabled, this leads to memory exhaustion and eventually a Denial of Service. A local attacker could also speed this up by excessively calling system calls. This only affects customized kernels built from the kernel source packages. The standard Ubuntu kernel does not have the CONFIG_AUDITSYSCALL option enabled, and is therefore not affected by this. (http://kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=829841146878e082613a49581ae252c071057c23) Cheers, Moritz _______________________________________________ Secure-testing-team mailing list [email protected] http://lists.alioth.debian.org/mailman/listinfo/secure-testing-team
