Upstream information
Description
The sbni_ioctl function in drivers/net/wan/sbni.c in the wan subsystem in the Linux kernel 2.6.26.3 does not check for the CAP_NET_ADMIN capability before processing a (1) SIOCDEVRESINSTATS, (2) SIOCDEVSHWSTATE, (3) SIOCDEVENSLAVE, or (4) SIOCDEVEMANSIPATE ioctl request, which allows local users to bypass intended capability restrictions.SUSE information
Overall state of this security issue: Resolved
This issue is currently rated as having important severity.
| CVSS detail | National Vulnerability Database |
|---|---|
| Base Score | 7.2 |
| Vector | AV:L/AC:L/Au:N/C:C/I:C/A:C |
| Access Vector | Local |
| Access Complexity | Low |
| Authentication | None |
| Confidentiality Impact | Complete |
| Integrity Impact | Complete |
| Availability Impact | Complete |
SUSE Security Advisories:
- SUSE-SA:2008:047, published Wed, 01 Oct 2008 13:00:00 +0000
- SUSE-SA:2008:049, published Thu, 02 Oct 2008 10:00:00 +0000
- SUSE-SA:2008:051, published Tue, 21 Oct 2008 10:00:00 +0000
- SUSE-SA:2008:052, published Tue, 21 Oct 2008 11:00:00 +0000
- SUSE-SA:2008:053, published Mon, 27 Oct 2008 18:00:00 +0000
- SUSE-SR:2008:025, published Fri, 14 Nov 2008 15:00:00 +0000
SUSE Timeline for this CVE
CVE page created: Tue Jul 9 16:16:59 2013CVE page last modified: Mon Oct 6 18:15:22 2025