Vulnerabilities

CVE-2010-3850

by Fred · 30/12/2010

The ec_dev_ioctl function in net/econet/af_econet.c in the Linux kernel before 2.6.36.2 does not require the CAP_NET_ADMIN capability, which allows local users to bypass intended access restrictions and configure econet addresses via an SIOCSIFADDR ioctl call.

Date published : 2010-12-30

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=16c41745c7b92a243d0874f534c1655196c64b74

http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.36.2

Similar

Tags: Cybersecurity Alert