CVE-2008-3525

Severity

72%

Complexity

39%

Confidentiality

165%

The sbni_ioctl function in drivers/net/wan/sbni.c in the wan subsystem in the Linux kernel 2.6.26.3 does not check for the CAP_NET_ADMIN capability before processing a (1) SIOCDEVRESINSTATS, (2) SIOCDEVSHWSTATE, (3) SIOCDEVENSLAVE, or (4) SIOCDEVEMANSIPATE ioctl request, which allows local users to bypass intended capability restrictions.

The sbni_ioctl function in drivers/net/wan/sbni.c in the wan subsystem in the Linux kernel 2.6.26.3 does not check for the CAP_NET_ADMIN capability before processing a (1) SIOCDEVRESINSTATS, (2) SIOCDEVSHWSTATE, (3) SIOCDEVENSLAVE, or (4) SIOCDEVEMANSIPATE ioctl request, which allows local users to bypass intended capability restrictions.

CVSS 2.0 Base Score 7.2. CVSS Attack Vector: local. CVSS Attack Complexity: low. CVSS Vector: (AV:L/AC:L/Au:N/C:C/I:C/A:C).

Overview

First reported 16 years ago

2008-09-03 14:12:00

Last updated 7 years ago

2017-09-29 01:31:00

Affected Software

Linux Kernel 2.6.26.3

2.6.26.3

References

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=f2455eb176ac87081bbfc9a44b21c7cd2bc1967e

Exploit

SUSE-SA:2008:047

SUSE-SA:2008:049

SUSE-SA:2008:051

SUSE-SA:2008:052

SUSE-SA:2008:053

SUSE-SR:2008:025

32103

32237

32315

32356

32370

32386

32393

32759

33201

33280

DSA-1653

DSA-1655

http://www.kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.36.7

MDVSA-2008:220

MDVSA-2008:223

[oss-security] 20080829 CVE-2008-3525 kernel: missing capability checks in sbni_ioctl()

RHSA-2008:0787

RHSA-2008:0973

1020969

USN-659-1

ADV-2008-2511

ADV-2008-2714

oval:org.mitre.oval:def:5671

oval:org.mitre.oval:def:9364

FEDORA-2008-8980

FEDORA-2008-8929

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.