oss-sec mailing list archives
CVE Request: kernel ebtables perm check
From: dann frazier <dannf () dannf org>
Date: Wed, 13 Jan 2010 17:54:51 -0700
Has a CVE been assigned for this issue yet? commit dce766af541f6605fa9889892c0280bab31c66ab Author: Florian Westphal <fwestphal () astaro com> Date: Fri Jan 8 17:31:24 2010 +0100 netfilter: ebtables: enforce CAP_NET_ADMIN normal users are currently allowed to set/modify ebtables rules. Restrict it to processes with CAP_NET_ADMIN. Note that this cannot be reproduced with unmodified ebtables binary because it uses SOCK_RAW. Signed-off-by: Florian Westphal <fwestphal () astaro com> Cc: stable () kernel org Signed-off-by: Patrick McHardy <kaber () trash net>
Current thread:
- CVE Request: kernel ebtables perm check dann frazier (Jan 13)
- Re: CVE Request: kernel ebtables perm check Eugene Teo (Jan 13)