LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

kernel: unfiltered netdev rio_ioctl access by users

Package(s):kernel CVE #(s):CVE-2012-2313
Created:May 14, 2012 Updated:December 19, 2012
Description: From the Red Hat bugzilla:

The dl2k driver's rio_ioctl call has a few issues:

  • - No permissions checking
  • - Implements SIOCGMIIREG and SIOCGMIIREG using the SIOCDEVPRIVATE numbers
  • - Has a few ioctls that may have been used for debugging at one point but have no place in the kernel proper.
Alerts:
Fedora FEDORA-2012-7538 2012-05-13
Fedora FEDORA-2012-7594 2012-05-15
SUSE SUSE-SU-2012:0689-1 2012-06-02
Ubuntu USN-1471-1 2012-06-12
Ubuntu USN-1472-1 2012-06-12
Ubuntu USN-1473-1 2012-06-13
Ubuntu USN-1474-1 2012-06-13
Ubuntu USN-1476-1 2012-06-15
SUSE SUSE-SU-2012:0736-1 2012-06-14
Ubuntu USN-1488-1 2012-06-29
Ubuntu USN-1490-1 2012-06-29
Ubuntu USN-1491-1 2012-06-29
Ubuntu USN-1492-1 2012-06-29
Ubuntu USN-1493-1 2012-06-29
Ubuntu USN-1530-1 2012-08-10
Red Hat RHSA-2012:1174-01 2012-08-21
CentOS CESA-2012:1174 2012-08-22
Oracle ELSA-2012-1174 2012-08-23
Scientific Linux SL-kern-20120823 2012-08-23
Red Hat RHSA-2012:1304-01 2012-09-25
CentOS CESA-2012:1304 2012-09-26
Scientific Linux SL-kern-20120926 2012-09-26
Oracle ELSA-2012-1304 2012-09-26
Oracle ELSA-2012-2034 2012-09-28
Oracle ELSA-2012-2034 2012-09-27
Oracle ELSA-2012-2035 2012-09-28
Oracle ELSA-2012-2035 2012-09-28
Oracle ELSA-2012-2038 2012-10-19
Oracle ELSA-2012-2038 2012-10-20
Red Hat RHSA-2012:1481-01 2012-11-20
Red Hat RHSA-2012:1541-01 2012-12-04
Red Hat RHSA-2012:1589-01 2012-12-18
Oracle ELSA-2013-2507 2013-02-28
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds