References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to [email protected].

Change History

In the Linux kernel, the following vulnerability has been resolved:

audit: add fchmodat2() to change attributes class

fchmodat2(), introduced in version 6.6 is currently not in the change
attribute class of audit. Calling fchmodat2() to change a file
attribute in the same fashion than chmod() or fchmodat() will bypass
audit rules such as:

-w /tmp/test -p rwa -k test_rwa

The current patch adds fchmodat2() to the change attributes class.

https://git.kernel.org/stable/c/3e762a03713e8c25ca0108c075d662c897fc0623

https://git.kernel.org/stable/c/3ee75b13ea5f05ff9adc784b2464825bd70eb119

https://git.kernel.org/stable/c/4f493a6079b588cf1f04ce5ed6cdad45ab0d53dc

https://git.kernel.org/stable/c/4fed776ca86378da7dd743a7b648e20b025ba8ef

https://git.kernel.org/stable/c/57489a89657cc94bf6ad8427d1902daba9156aa1

https://git.kernel.org/stable/c/91e27bc79c3bca93c06bf5a471d47df9a35b3741

https://git.kernel.org/stable/c/c4334c0d0e7d6f02ed93756fd4ba807e3d00c05f

https://git.kernel.org/stable/c/f714315d7d68898d03093f67285256a8770f903c

https://www.bencteux.fr/posts/missing_syscalls_audit/