Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 119563

Summary: Kernel: SDLA WAN driver privileges issue (CVE-2006-0096)
Product: Gentoo Security Reporter: Thierry Carrez (RETIRED) <koon>
Component: KernelAssignee: Gentoo Security <security>
Status: RESOLVED INVALID    
Severity: normal CC: security-kernel
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard:
Package list:
Runtime testing required: ---

Description Thierry Carrez (RETIRED) gentoo-dev 2006-01-19 08:44:42 UTC
The SDLA WAN driver did not restrict firmware upgrades to processes
that have the CAP_SYS_RAWIO kernel capability, it just required the
CAP_NET_ADMIN privilege. This could allow processes with the latter
privilege to update the SDLA firmware.  Please note that this does not
affect a standard Ubuntu installation, and this cannot be exploited by
a normal (unprivileged) user. At most, this flaw might be relevant for
installations that use a fine-grained capability granting system like
RSBAC, cap_over, or grsecurity. (CVE-2006-0096)
Comment 1 Tim Yamin (RETIRED) gentoo-dev 2006-01-22 16:14:36 UTC
Wow, this is really old (2.6.11 and 2.4.29) and doesn't affect us. Closing bug...