REDHAT-BUG-486534
First published: Fri Feb 20 2009(Updated: )
Fix inverted logic in skfp_ioctl(). Non-privileged users should not be able to clear the driver statistics. diff --git a/drivers/net/skfp/skfddi.c b/drivers/net/skfp/skfddi.c index 607efea..9a00e55 100644 --- a/drivers/net/skfp/skfddi.c +++ b/drivers/net/skfp/skfddi.c @@ -1003,9 +1003,9 @@ static int skfp_ioctl(struct net_device *dev, struct ifreq *rq, int cmd) break; case SKFP_CLR_STATS: /* Zero out the driver statistics */ if (!capable(CAP_NET_ADMIN)) { - memset(&lp->MacStat, 0, sizeof(lp->MacStat)); - } else { status = -EPERM; + } else { + memset(&lp->MacStat, 0, sizeof(lp->MacStat)); } break; default:
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Linux Kernel |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=332676&action=diff
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=332676&action=edit
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=c25b9abbc2c2c0da88e180c3933d6e773245815a
- https://rhn.redhat.com/errata/RHSA-2009-0360.html
- https://rhn.redhat.com/errata/RHSA-2009-0326.html
- https://bugzilla.redhat.com/show_bug.cgi?id=486534
- collector/redhat-bugzilla
- alias/CVE-2009-0675
- agent/type
- agent/first-publish-date
- agent/references
- agent/last-modified-date
- agent/severity
- agent/tags
- agent/description
- agent/softwarecombine
- agent/event
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/the linux foundation
- canonical/linux kernel