Computer Security
[EN] securityvulns.ru no-pyccku


Linux aacraid driver IOCTL privilege escalation
Published:31.08.2007
Source:
SecurityVulns ID:8115
Type:local
Threat Level:
5/10
Description:Insufficient user's permissions check leads to denial of service conditions or privilege escalation.
Affected:LINUX : kernel 2.6
CVE:CVE-2007-4308 (The (1) aac_cfg_open and (2) aac_compat_ioctl functions in the SCSI layer ioctl path in aacraid in the Linux kernel before 2.6.23-rc2 do not check permissions for ioctls, which might allow local users to cause a denial of service or gain privileges.)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod