Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Fri, 11 Mar 2011 17:36:51 +0300
From: Vasiliy Kulikov <>
Subject: Re: CVE request: kernel: CAP_SYS_MODULE bypass via

On Thu, Feb 24, 2011 at 15:54 -0800, Kees Cook wrote:
> "ifconfig $module" will load any module as long as the process
> has CAP_NET_ADMIN (ignoring CAP_SYS_MODULE)."

This was fixed in 8909c9ad8ff:;a=commit;h=8909c9ad8ff03611c9c96c9a92656213e4bb495b

Vasiliy Kulikov - bringing security into open computing environments

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.