DescriptionThe audit system in Linux kernel 2.6.6, and other versions before 22.214.171.124, when CONFIG_AUDITSYSCALL is enabled, uses an incorrect function to free names_cache memory, which prevents the memory from being tracked by AUDITSYSCALL code and leads to a memory leak that allows attackers to cause a denial of service (memory consumption).
Overall state of this security issue: Resolved
This issue is currently rated as having moderate severity.
|National Vulnerability Database|
- SUSE-SA:2005:067, published Tue, 06 Dec 2005 13:00:00 +0000