CVE-2008-1628

Publication date 2 April 2008

Last updated 24 July 2024

Ubuntu priority

Stack-based buffer overflow in the audit_log_user_command function in lib/audit_logging.c in Linux Audit before 1.7 might allow remote attackers to execute arbitrary code via a long command argument. NOTE: some of these details are obtained from third party information.

Status

Show unmaintained releases

No maintained releases are affected by this CVE.

Package	Ubuntu Release	Status
audit	8.04 LTS hardy	Fixed 1.6.5-0ubuntu3
	7.10 gutsy	Fixed 1.5.4-0ubuntu1.1
	7.04 feisty	Not in release
	6.10 edgy	Not in release
	6.06 LTS dapper	Not in release

How can I get the fixes?
What do statuses mean?
Patch details

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package	Patch details
audit	Debdiff: https://bugs.launchpad.net/ubuntu/gutsy/+source/audit/+bug/216117

References

MITRE
NVD
Launchpad
Debian

Other references

https://www.cve.org/CVERecord?id=CVE-2008-1628