/[linux-patches]/genpatches-2.6/trunk/2.6.32/1500_econet-capable-SIOCSIFADDR-check.patch
Gentoo

Contents of /genpatches-2.6/trunk/2.6.32/1500_econet-capable-SIOCSIFADDR-check.patch

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1839 - (show annotations) (download)
Thu Dec 9 00:35:49 2010 UTC (7 years, 9 months ago) by asn
File size: 913 byte(s)
CVE-2010-3850, CVE-2010-3849, CVE-2010-4258
1 From 16c41745c7b92a243d0874f534c1655196c64b74 Mon Sep 17 00:00:00 2001
2 From: Phil Blundell <philb@gnu.org>
3 Date: Wed, 24 Nov 2010 11:49:53 -0800
4 Subject: [PATCH] econet: fix CVE-2010-3850
5
6 Add missing check for capable(CAP_NET_ADMIN) in SIOCSIFADDR operation.
7
8 Signed-off-by: Phil Blundell <philb@gnu.org>
9 Signed-off-by: David S. Miller <davem@davemloft.net>
10 ---
11 net/econet/af_econet.c | 3 +++
12 1 files changed, 3 insertions(+), 0 deletions(-)
13
14 Index: linux-2.6.36-gentoo-r3/net/econet/af_econet.c
15 ===================================================================
16 --- linux-2.6.36-gentoo-r3.orig/net/econet/af_econet.c
17 +++ linux-2.6.36-gentoo-r3/net/econet/af_econet.c
18 @@ -671,6 +671,9 @@ static int ec_dev_ioctl(struct socket *s
19 err = 0;
20 switch (cmd) {
21 case SIOCSIFADDR:
22 + if (!capable(CAP_NET_ADMIN))
23 + return -EPERM;
24 +
25 edev = dev->ec_ptr;
26 if (edev == NULL) {
27 /* Magic up a new one. */

  ViewVC Help
Powered by ViewVC 1.1.20