Red Hat Bugzilla – Bug 252309
CVE-2007-4308 kernel: Missing ioctl() permission checks in aacraid driver
Last modified: 2011-09-28 16:29:52 EDT
Common Vulnerabilities and Exposures assigned an identifier CVE-2007-4308
to the following vulnerability:
The (1) aac_cfg_open and (2) aac_compat_ioctl functions in the SCSI layer ioctl path in aacraid in the Linux kernel before 2.6.23-rc2 do not check permissions for ioctls, which might allow local users to cause a denial of service or gain privileges.
All children bugs have been closed, parent is no longer needed.