Seems that all kernels and net-misc/e100 are affected. There were reports (from guys in altlinux) that this problem could hardly be exploitable but in any case better to double check, fix and be safe. :) Summary from the URL: Title: Intel
Seems that all kernels and net-misc/e100 are affected. There were reports (from guys in altlinux) that this problem could hardly be exploitable but in any case better to double check, fix and be safe. :) Summary from the URL: Title: Intel® LAN Driver Buffer Overflow Local Privilege Escalation Intel ID: INTEL-sa-00004 Product family: Intel® Network Protocol Drivers for Intel® Network Adapters Impact of vulnerability: Elevation of Privilege Severity rating: Important Original release: Dec 5, 2006 Details Summary: A vulnerability exists in all PCI, PCI-X and PCIe Intel network adapter drivers that could allow unprivileged code executing on an affected system to perform a local privilege escalation. Description: This vulnerability is due to a buffer overflow that could be caused by incorrect use of a function call. This condition could allow unauthorized code to be introduced that could be run with kernel-level privileges. Affected products: Product Family OS Intel PRO 10/100 Adapters Affected: <3.5.14 Corrected: >=3.5.17 Intel PRO/1000 Adapters Affected: <7.2.7 Corrected: >=7.3.15 Intel PRO/10GbE Adapters Affected: <1.0.109 Corrected: >=1.0.119
According to upstream this is only "exploitable" by root on Linux. Upstream site should be updated shortly. I think we can close this one.
Upstream page updated to reflect that only Windows is affected.
(In reply to comment #2) > Upstream page updated to reflect that only Windows is affected. > http://research.eeye.com/html/advisories/published/AD20061207.html agrees. Closing as invalid, then. Feel free to reopen if there is another news or if you disagree.
