[kernel-sec-discuss] r3332 - active
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Tue Apr 29 05:44:45 UTC 2014
Author: jmm
Date: 2014-04-29 05:44:45 +0000 (Tue, 29 Apr 2014)
New Revision: 3332
Added:
active/CVE-2014-0181
Log:
new netlink issue
Added: active/CVE-2014-0181
===================================================================
--- active/CVE-2014-0181 (rev 0)
+++ active/CVE-2014-0181 2014-04-29 05:44:45 UTC (rev 3332)
@@ -0,0 +1,11 @@
+Description: It is possible to reconfigure the network on Linux by calling write(2) on an appropriately connected netlink socket. By passing such a socket as stdout or stderr to a setuid program, anyone can reconfigure the network.
+References:
+ https://git.kernel.org/cgit/linux/kernel/git/davem/net.git/commit/?id=90f62cf30a78721641e08737bda787552428061e
+Notes:
+Bugs:
+upstream: needed
+2.6.32-upstream-stable:
+sid:
+3.2-wheezy-security:
+2.6.32-squeeze-security:
+3.2-upstream-stable:
\ No newline at end of file
More information about the kernel-sec-discuss
mailing list