Commit 4da62fc7 authored 19 years ago by pageexec Committed by David S. Miller 19 years ago

[IPVS]: Fix for overflows


From: <pageexec@freemail.hu>

$subject was fixed in 2.4 already, 2.6 needs it as well.

The impact of the bugs is a kernel stack overflow and privilege escalation
from CAP_NET_ADMIN via the IP_VS_SO_SET_STARTDAEMON/IP_VS_SO_GET_DAEMON
ioctls.  People running with 'root=all caps' (i.e., most users) are not
really affected (there's nothing to escalate), but SELinux and similar
users should take it seriously if they grant CAP_NET_ADMIN to other users.

Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: David S. Miller <davem@davemloft.net>

parent d470e3b4

No related branches found

No related tags found

Hide whitespace changes

Inline Side-by-side

Showing with 7 additions and 5 deletions

Please register or to comment