Description of problem: Alan Cox has reported the followin issue in Tehuti network driver: <cite> Random auditing results tehuti has no security checks on the do_ioctl functions and it has ioctl methods for patch arbitary 32bit offset from registers with arbitary 32bit value. Nasty hole </cite> Additional info: The Tehuti network driver was introduced in 2.6.24 kernel: http://www.linuxhq.com/kernel/v2.6/24/drivers/net/tehuti.h Proposed patch: http://git2.kernel.org/?p=linux/kernel/git/davem/net-2.6.git;a=commitdiff;h=f946dffed6334f08da065a89ed65026ebf8b33b4
Please apply first patch from BZ#444414 as these two affects one file and depend one on the other.
Patch in 2.6.25-13
kernel-2.6.24.7-92.fc8 has been pushed to the Fedora 8 stable repository. If problems still persist, please make note of it in this bug report.