oss-sec mailing list archives
CVE Request: more tight ioctl permissions in dl2k driver
From: Marcus Meissner <meissner () suse de>
Date: Fri, 4 May 2012 09:31:44 +0200
Hi, Can you please assign a CVE for this issue: Stephan Mueller reported lack of capable(CAP_NET_ADMIN) checks in private ioctls in the dl2k network card driver. The netdev team will probably remove the handling of the SIOCDEVPRIVATE* calls from this driver though and not use Jeffs patch directly. References: http://www.spinics.net/lists/netdev/msg196365.html http://www.spinics.net/lists/netdev/msg196381.html http://www.spinics.net/lists/netdev/msg196382.html https://bugzilla.novell.com/show_bug.cgi?id=758813 Ciao, Marcus
Current thread:
- CVE Request: more tight ioctl permissions in dl2k driver Marcus Meissner (May 04)
- Re: CVE Request: more tight ioctl permissions in dl2k driver Marcus Meissner (May 04)
- Re: CVE Request: more tight ioctl permissions in dl2k driver Kurt Seifried (May 04)
- Re: CVE Request: more tight ioctl permissions in dl2k driver Florian Weimer (May 04)
- Re: CVE Request: more tight ioctl permissions in dl2k driver Marcus Meissner (May 07)