CVE-2010-3850

2010-12-30T19:00:00
ID CVE-2010-3850
Type cve
Reporter cve@mitre.org
Modified 2012-03-19T04:00:00

Description

The ec_dev_ioctl function in net/econet/af_econet.c in the Linux kernel before 2.6.36.2 does not require the CAP_NET_ADMIN capability, which allows local users to bypass intended access restrictions and configure econet addresses via an SIOCSIFADDR ioctl call.