oss-sec mailing list archives
CVE-2014-4508
From: John Haxby <john.haxby () oracle com>
Date: Thu, 12 Nov 2020 18:10:46 +0000
Hello, This is an old CVE but it was recently "rediscovered" [1]. CVE-2014-4508 is a memory leak in the auditing subsystem in the kernel. On old 32 bit linux kernels that don't have [2] this memory leak turns out to be quite bad: you can trigger an out of memory condition that the system cannot recover from not matter how hard it tries. If you believe you have such a kernel, please get in touch with me directly. jch [1] Thanks to Dan Moulding for bringing this to our attention [2] 554086d85e71 ("x86_32, entry: Do syscall exit work on badsys (CVE-2014-4508)")
Attachment:
signature.asc
Description: Message signed with OpenPGP
Current thread:
- CVE-2014-4508 John Haxby (Nov 12)