Candidate: CVE-2008-3525
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3525
https://usn.ubuntu.com/usn/usn-659-1

The sbni_ioctl function in drivers/net/wan/sbni.c in the wan subsystem in
the Linux kernel 2.6.26.3 does not check for the CAP_NET_ADMIN capability
before processing a (1) SIOCDEVRESINSTATS, (2) SIOCDEVSHWSTATE, (3)
SIOCDEVENSLAVE, or (4) SIOCDEVEMANSIPATE ioctl request, which allows local
users to bypass intended capability restrictions.

It was discovered that the SBNI WAN driver did not correctly check
for the NET_ADMIN capability. A malicious local root user lacking
CAP_NET_ADMIN would be able to change the WAN device configuration,
leading to a denial of service.

Patches_linux-source-2.6.15:
upstream_linux-source-2.6.15: needs-triage
dapper_linux-source-2.6.15: released (2.6.15-52.73)
feisty_linux-source-2.6.15: DNE
gutsy_linux-source-2.6.15: DNE
hardy_linux-source-2.6.15: DNE
devel_linux-source-2.6.15: DNE

Patches_linux-source-2.6.20:
upstream_linux-source-2.6.20: needs-triage
dapper_linux-source-2.6.20: DNE
feisty_linux-source-2.6.20: active
gutsy_linux-source-2.6.20: DNE
hardy_linux-source-2.6.20: DNE
devel_linux-source-2.6.20: DNE

Patches_linux-source-2.6.22:
upstream_linux-source-2.6.22: needs-triage
dapper_linux-source-2.6.22: DNE
feisty_linux-source-2.6.22: DNE
gutsy_linux-source-2.6.22: released (2.6.22-15.59)
hardy_linux-source-2.6.22: DNE
devel_linux-source-2.6.22: DNE

upstream_linux: needs-triage
hardy_linux: released (2.6.24-21.43)
devel_linux: not-affected