Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Fri, 20 Feb 2009 15:30:34 +0800
From: Eugene Teo <>
Cc: "Steven M. Christey" <>
Subject: CVE request: kernel: skfp_ioctl inverted logic flaw

According to the upstream commit
c25b9abbc2c2c0da88e180c3933d6e773245815a "[PATCH] drivers/net/skfp: if
!capable(CAP_NET_ADMIN): inverted logic", there is an inverted logic
flaw in skfp_ioctl(). Non-privileged users should not be able to clear
the driver statistics.;a=commit;h=c25b9abb

Thanks, Eugene

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ