Red Hat Bugzilla – Bug 444416
CVE-2008-1675 kernel: [netdrvr] tehuti: move ioctl perm check closer to function start
Last modified: 2008-05-14 17:31:57 EDT
Description of problem:
Alan Cox has reported the followin issue in Tehuti network driver:
Random auditing results
tehuti has no security checks on the do_ioctl functions and
it has ioctl methods for patch arbitary 32bit offset from
registers with arbitary 32bit value. Nasty hole
The Tehuti network driver was introduced in 2.6.24 kernel:
Please apply first patch from BZ#444414 as these two affects one file
and depend one on the other.
Patch in 2.6.25-13
kernel-188.8.131.52-92.fc8 has been pushed to the Fedora 8 stable repository. If problems still persist, please make note of it in this bug report.