FreeBSD -- Insufficient oce(4) ioctl(2) privilege checking

2020-03-19T00:00:00
ID 3C10CCDF-6A09-11EA-92AB-00163E433440
Type freebsd
Reporter FreeBSD
Modified 2020-03-19T00:00:00

Description

Problem Description: The driver-specific ioctl(2) command handlers in oce(4) failed to check whether the caller has sufficient privileges to perform the corresponding operation. Impact: The oce(4) handler permits unprivileged users to send passthrough commands to device firmware.