CVE-2008-3525

Priority
Low
Description
The sbni_ioctl function in drivers/net/wan/sbni.c in the wan subsystem in
the Linux kernel 2.6.26.3 does not check for the CAP_NET_ADMIN capability
before processing a (1) SIOCDEVRESINSTATS, (2) SIOCDEVSHWSTATE, (3)
SIOCDEVENSLAVE, or (4) SIOCDEVEMANSIPATE ioctl request, which allows local
users to bypass intended capability restrictions.
Ubuntu-Description
It was discovered that the SBNI WAN driver did not correctly check
for the NET_ADMIN capability. A malicious local root user lacking
CAP_NET_ADMIN would be able to change the WAN device configuration,
leading to a denial of service.
References
Assigned-to
smb_tp
Package
Upstream:needs-triage
Ubuntu 8.04 LTS (Hardy Heron):DNE
Package
Upstream:needs-triage
Ubuntu 8.04 LTS (Hardy Heron):DNE
Package
Upstream:needs-triage
Ubuntu 8.04 LTS (Hardy Heron):DNE
Package
Source: linux (LP Ubuntu Debian)
Upstream:needs-triage
Ubuntu 8.04 LTS (Hardy Heron):released (2.6.24-21.43)
More Information

Valid XHTML 1.0 Strict

Updated: 2012-06-01 15:18:59 UTC (commit 5347)