Severity: Unknown
Affected Package: kernel
Summary: Insufficient credential checks in network interface ioctl handling (ifioctl)
The IPv6 and ATM network-layer ioctl handlers pass unrecognized requests to the link layer, but network interface drivers assume SIOCSIFADDR, SIOCSIFBRDADDR, SIOCSIFDSTADDR and SIOCSIFNETMASK were already validated and therefore skip input validation and credential checks. An unprivileged user can trigger link-layer actions (marking an interface up, resetting hardware) or panic the kernel via a crafted address structure. Patch obtained from FreeBSD.
No specific recommendations provided.
Aliases: CVE-2013-5691
Published: September 10, 2013
Last Modified: September 10, 2013