oss-sec mailing list archives
Re: CVE-2014-0181: Linux network reconfiguration due to incorrect netlink checks
From: Andy Lutomirski <luto () amacapital net>
Date: Tue, 22 Apr 2014 20:01:53 -0700
On Apr 22, 2014 2:37 PM, "Andy Lutomirski" <luto () amacapital net> wrote:
It is possible to reconfigure the network on Linux by calling write(2) on an appropriately connected network socket. By passing such a socket as stdout or stderr to a setuid program, anyone can reconfigure the network.
s/network socket/netlink socket
Eric Biederman sent patches to netdev containing a possible fix. -- Andy Lutomirski AMA Capital Management, LLC
Current thread:
- CVE-2014-0181: Linux network reconfiguration due to incorrect netlink checks Andy Lutomirski (Apr 22)
- Re: CVE-2014-0181: Linux network reconfiguration due to incorrect netlink checks Andy Lutomirski (Apr 22)
- Re: CVE-2014-0181: Linux network reconfiguration due to incorrect netlink checks cve-assign (Apr 23)
- Re: CVE-2014-0181: Linux network reconfiguration due to incorrect netlink checks Andy Lutomirski (Apr 23)
- Re: CVE-2014-0181: Linux network reconfiguration due to incorrect netlink checks Eric W. Biederman (Apr 23)
- Re: CVE-2014-0181: Linux network reconfiguration due to incorrect netlink checks cve-assign (Apr 23)
- Re: CVE-2014-0181: Linux network reconfiguration due to incorrect netlink checks Andy Lutomirski (Apr 28)
- Re: CVE-2014-0181: Linux network reconfiguration due to incorrect netlink checks Andy Lutomirski (Apr 22)