The skfp_ioctl function in drivers/net/skfp/skfddi.c in the Linux kernel before 2.6.28.6 permits SKFP_CLR_STATS requests only when the CAP_NET_ADMIN capability is absent, instead of when this capability is present, which allows local users to reset the driver statistics, related to an "inverted logic" issue.
Metrics
No CVSS v4.0
No CVSS v3.1
No CVSS v3.0
Access Vector Local
Access Complexity Low
Authentication None
Confidentiality Impact None
Integrity Impact Partial
Availability Impact None
This CVE is not in the KEV list.
Key SSVC decision points have not yet been added.
Affected Vendors & Products
Vendors | Products |
---|---|
Linux |
|
Redhat |
|
Configuration 1 [-]
|
Package | CPE | Advisory | Released Date |
---|---|---|---|
MRG for RHEL-5 | |||
kernel-rt-0:2.6.24.7-108.el5rt | cpe:/a:redhat:enterprise_mrg:1::el5 | RHSA-2009:0360 | 2009-03-27T00:00:00Z |
Red Hat Enterprise Linux 5 | |||
kernel-0:2.6.18-128.1.6.el5 | cpe:/o:redhat:enterprise_linux:5 | RHSA-2009:0326 | 2009-04-01T00:00:00Z |
References
History
No history.

Status: PUBLISHED
Assigner: mitre
Published: 2009-02-22T22:00:00
Updated: 2024-08-07T04:40:05.104Z
Reserved: 2009-02-22T00:00:00
Link: CVE-2009-0675

No data.

Status : Modified
Published: 2009-02-22T22:30:00.953
Modified: 2024-11-21T01:00:39.880
Link: CVE-2009-0675
