Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 22 Apr 2014 20:01:53 -0700
From: Andy Lutomirski <luto@...capital.net>
To: oss-security@...ts.openwall.com
Subject: Re: CVE-2014-0181: Linux network reconfiguration due to incorrect
 netlink checks

On Apr 22, 2014 2:37 PM, "Andy Lutomirski" <luto@...capital.net> wrote:
>
> It is possible to reconfigure the network on Linux by calling write(2)
> on an appropriately connected network socket.  By passing such a
> socket as stdout or stderr to a setuid program, anyone can reconfigure
> the network.

s/network socket/netlink socket

>
> Eric Biederman sent patches to netdev containing a possible fix.
>
> --
> Andy Lutomirski
> AMA Capital Management, LLC

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ