Linux aacraid driver IOCTL privilege escalation
Published:		31.08.2007
Source:		CVE
SecurityVulns ID:		8115
Type:		local
Level:		5/10
Description:		Insufficient user's permissions check leads to denial of service conditions or privilege escalation.

Affected:		LINUX : kernel 2.6
CVE:		CVE-2007-4308 (The (1) aac_cfg_open and (2) aac_compat_ioctl functions in the SCSI layer ioctl path in aacraid in the Linux kernel before 2.6.23-rc2 do not check permissions for ioctls, which might allow local users to cause a denial of service or gain privileges.)

Discuss:

Read or add your comments to this news (0 comments)