A flaw was found in the way net_ctl_permissions() function in the Linux kernel checked permissions. As a result, an unprivileged local user could potentially use this flaw to access files in /proc/sys/net in a way that he would otherwise be unable to. Acknowledgements: This issue was discovered by Miroslav Vadkerti of Red Hat. Introduced by: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cff109768b2d9c03095848f4cd4b0754117262aa Fixed by: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2433c8f094a008895e66f25bd1773cdb01c91d01
Fix in 3.11.5 onwards