releases/2.6.36.2/econet-fix-cve-2010-3850.patch

   1 From 16c41745c7b92a243d0874f534c1655196c64b74 Mon Sep 17 00:00:00 2001
   2 From: Phil Blundell <philb@gnu.org>
   3 Date: Wed, 24 Nov 2010 11:49:53 -0800
   4 Subject: econet: fix CVE-2010-3850
   5
   6 From: Phil Blundell <philb@gnu.org>
   7
   8 commit 16c41745c7b92a243d0874f534c1655196c64b74 upstream.
   9
  10 Add missing check for capable(CAP_NET_ADMIN) in SIOCSIFADDR operation.
  11
  12 Signed-off-by: Phil Blundell <philb@gnu.org>
  13 Signed-off-by: David S. Miller <davem@davemloft.net>
  14 Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
  15
  16 ---
  17  net/econet/af_econet.c |    3 +++
  18  1 file changed, 3 insertions(+)
  19
  20 --- a/net/econet/af_econet.c
  21 +++ b/net/econet/af_econet.c
  22 @@ -661,6 +661,9 @@ static int ec_dev_ioctl(struct socket *s
  23         err = 0;
  24         switch (cmd) {
  25         case SIOCSIFADDR:
  26 +               if (!capable(CAP_NET_ADMIN))
  27 +                       return -EPERM;
  28 +
  29                 edev = dev->ec_ptr;
  30                 if (edev == NULL) {
  31                         /* Magic up a new one. */