Description
The skfp_ioctl function in drivers/net/skfp/skfddi.c in the Linux kernel before 2.6.28.6 permits SKFP_CLR_STATS requests only when the CAP_NET_ADMIN capability is absent, instead of when this capability is present, which allows local users to reset the driver statistics, related to an "inverted logic" issue.
Published: 2009-02-22
Score: 2.1 Low
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

No analysis available yet.

Remediation

No remediation available yet.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Debian DSA Debian DSA DSA-1749-1 New Linux 2.6.26 packages fix several vulnerabilities
Debian DSA Debian DSA DSA-1787-1 New Linux 2.6.24 packages fix several vulnerabilities
Debian DSA Debian DSA DSA-1794-1 New Linux 2.6.18 packages fix several vulnerabilities
EUVD EUVD EUVD-2009-0675 The skfp_ioctl function in drivers/net/skfp/skfddi.c in the Linux kernel before 2.6.28.6 permits SKFP_CLR_STATS requests only when the CAP_NET_ADMIN capability is absent, instead of when this capability is present, which allows local users to reset the driver statistics, related to an "inverted logic" issue.
Ubuntu USN Ubuntu USN USN-751-1 Linux kernel vulnerabilities
Ubuntu USN Ubuntu USN USN-752-1 Linux kernel vulnerabilities
References
Link Providers
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c25b9abbc2c2c0da88e180c3933d6e773245815a cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00001.html cve-icon cve-icon
http://lists.openwall.net/netdev/2009/01/28/90 cve-icon cve-icon
http://openwall.com/lists/oss-security/2009/02/20/2 cve-icon cve-icon
http://secunia.com/advisories/33758 cve-icon cve-icon
http://secunia.com/advisories/33938 cve-icon cve-icon
http://secunia.com/advisories/34394 cve-icon cve-icon
http://secunia.com/advisories/34502 cve-icon cve-icon
http://secunia.com/advisories/34680 cve-icon cve-icon
http://secunia.com/advisories/34981 cve-icon cve-icon
http://secunia.com/advisories/35011 cve-icon cve-icon
http://secunia.com/advisories/35394 cve-icon cve-icon
http://secunia.com/advisories/37471 cve-icon cve-icon
http://www.debian.org/security/2009/dsa-1749 cve-icon cve-icon
http://www.debian.org/security/2009/dsa-1787 cve-icon cve-icon
http://www.debian.org/security/2009/dsa-1794 cve-icon cve-icon
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.28.6 cve-icon cve-icon
http://www.mandriva.com/security/advisories?name=MDVSA-2009:071 cve-icon cve-icon
http://www.redhat.com/support/errata/RHSA-2009-0326.html cve-icon cve-icon
http://www.redhat.com/support/errata/RHSA-2009-0360.html cve-icon cve-icon
http://www.securityfocus.com/archive/1/507985/100/0/threaded cve-icon cve-icon
http://www.ubuntu.com/usn/usn-751-1 cve-icon cve-icon
http://www.vmware.com/security/advisories/VMSA-2009-0016.html cve-icon cve-icon
http://www.vupen.com/english/advisories/2009/3316 cve-icon cve-icon
https://bugzilla.redhat.com/show_bug.cgi?id=486534 cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2009-0675 cve-icon
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11529 cve-icon cve-icon
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8685 cve-icon cve-icon
https://www.cve.org/CVERecord?id=CVE-2009-0675 cve-icon
History

No history.

Subscriptions

Linux Linux Kernel
Redhat Enterprise Linux Enterprise Mrg
cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2024-08-07T04:40:05.104Z

Reserved: 2009-02-22T00:00:00.000Z

Link: CVE-2009-0675

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Deferred

Published: 2009-02-22T22:30:00.953

Modified: 2025-04-09T00:30:58.490

Link: CVE-2009-0675

cve-icon Redhat

Severity : Moderate

Publid Date: 2009-01-28T00:00:00Z

Links: CVE-2009-0675 - Bugzilla

cve-icon OpenCVE Enrichment

No data.

Weaknesses