CVE-2008-1628

Name	CVE-2008-1628
Description	Stack-based buffer overflow in the audit_log_user_command function in lib/audit_logging.c in Linux Audit before 1.7 might allow remote attackers to execute arbitrary code via a long command argument. NOTE: some of these details are obtained from third party information.
Source	CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
References	DTSA-123-1
Debian Bugs	475227

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package	Release	Version	Status
audit (PTS)	jessie	1:2.4-1	fixed
	stretch	1:2.6.7-2	fixed
	buster	1:2.8.4-3	fixed
	bullseye	1:3.0-2	fixed
	bookworm	1:3.0.9-1	fixed
	sid, trixie	1:4.0.2-2	fixed

The information below is based on the following data on fixed versions.

Package	Type	Release	Fixed Version	Urgency	Origin	Debian Bugs
audit	source	lenny	1.5.3-2+lenny1		DTSA-123-1
audit	source	(unstable)	1.5.3-2.1	medium		475227

auditd runs as root