Oval Definition:oval:org.opensuse.security:def:20083525
Revision Date:2017-09-27Version:1
Title:CVE-2008-3525
Description:

The sbni_ioctl function in drivers/net/wan/sbni.c in the wan subsystem in the Linux kernel 2.6.26.3 does not check for the CAP_NET_ADMIN capability before processing a (1) SIOCDEVRESINSTATS, (2) SIOCDEVSHWSTATE, (3) SIOCDEVENSLAVE, or (4) SIOCDEVEMANSIPATE ioctl request, which allows local users to bypass intended capability restrictions.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2008-3525
Platform(s):Novell Linux Desktop 9 for x86
Novell Linux Desktop 9 for x86_64
Open Enterprise Server
openSUSE 10.3
openSUSE 11.0
SUSE CORE 9 for AMD64 and Intel EM64T
SUSE Linux Enterprise Realtime 10 SP2
SUSE Linux Enterprise SDK 10 SP2
Product(s):
Definition Synopsis
  • Release Information
  • sles10-sp2-sdk is installed
  • AND kernel-kdump less than 2.6.16.60-0.31
  • OR Package Information
  • sles10-sp2-sdk is installed
  • AND
  • kernel-debug less than 2.6.16.60-0.31
  • OR kernel-kdump less than 2.6.16.60-0.31
  • OR kernel-xen less than 2.6.16.60-0.31
  • OR kernel-xenpae less than 2.6.16.60-0.31
  • OR Package Information
  • sles10-sp2-sdk is installed
  • AND
  • kernel-debug less than 2.6.16.60-0.31
  • OR kernel-kdump less than 2.6.16.60-0.31
  • OR kernel-xen less than 2.6.16.60-0.31
  • OR Package Information
  • sles10-sp2-rt is installed
  • AND
  • kernel-rt less than 2.6.22.19-0.18
  • OR kernel-rt_bigsmp less than 2.6.22.19-0.18
  • OR kernel-rt_debug less than 2.6.22.19-0.18
  • OR kernel-rt_timing less than 2.6.22.19-0.18
  • OR kernel-source less than 2.6.22.19-0.18
  • OR kernel-syms less than 2.6.22.19-0.18
  • OR Package Information
  • sles10-sp2-sdk is installed
  • AND kernel-debug less than 2.6.16.60-0.31
    • BACK