|
Message-ID: <20110224235430.GT4212@outflux.net> Date: Thu, 24 Feb 2011 15:54:30 -0800 From: Kees Cook <kees@...ntu.com> To: oss-security@...ts.openwall.com Subject: CVE request: kernel: CAP_SYS_MODULE bypass via CAP_NET_ADMIN Hi, While not as bad as CVE-2010-4661 (unprivileged module loading) I'd like to get a CVE assigned for this issue for tracking purposes: https://lkml.org/lkml/2011/2/24/203 Basically "ifconfig $module" will load any module as long as the process has CAP_NET_ADMIN (ignoring CAP_SYS_MODULE). -Kees -- Kees Cook Ubuntu Security Team
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.