[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    Re: [oss-security] CVE request: kernel: CAP_SYS_MODULE bypass via
From:       Eugene Teo <eugene () redhat ! com>
Date:       2011-02-25 0:14:53
Message-ID: 4D66F47D.2030604 () redhat ! com
[Download RAW message or body]

On 02/25/2011 07:54 AM, Kees Cook wrote:
> Hi,
>
> While not as bad as CVE-2010-4661 (unprivileged module loading)
> I'd like to get a CVE assigned for this issue for tracking purposes:
> https://lkml.org/lkml/2011/2/24/203
>
> Basically "ifconfig $module" will load any module as long as the process
> has CAP_NET_ADMIN (ignoring CAP_SYS_MODULE).

Please use CVE-2011-1019.

Eugene
-- 
Eugene Teo / Red Hat Security Response Team
[prev in list] [next in list] [prev in thread] [next in thread]