Description
The rio_ioctl function in drivers/net/ethernet/dlink/dl2k.c in the Linux kernel before 3.3.7 does not restrict access to the SIOCSMIIREG command, which allows local users to write data to an Ethernet adapter via an ioctl call.
References (12)
Core 12
Core References
Mailing List mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2012/05/04/8
Release Notes x_refsource_confirm
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.3.7
Third Party Advisory vendor-advisory
x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2012-1174.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/53965
Exploit, Patch x_refsource_confirm
https://github.com/torvalds/linux/commit/1bb57e940e1958e40d51f2078f50c3a96a9b2d75
Issue Tracking x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=818820
Third Party Advisory vendor-advisory
x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2012-1541.html
Patch x_refsource_confirm
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1bb57e940e1958e40d51f2078f50c3a96a9b2d75
Third Party Advisory vendor-advisory
x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2012-1481.html
Third Party Advisory vendor-advisory
x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2012-1589.html
Third Party Advisory vendor-advisory
x_refsource_hp
http://marc.info/?l=bugtraq&m=139447903326211&w=2
Third Party Advisory vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html
Scores
EPSS
0.0017
EPSS Percentile
38.3%
Details
CWE
CWE-264
Status
published
Products (15)
linux/linux_kernel
3.3 (8 CPE variants)
linux/linux_kernel
3.3.1
linux/linux_kernel
3.3.2
linux/linux_kernel
3.3.3
linux/linux_kernel
3.3.4
linux/linux_kernel
3.3.5
linux/linux_kernel
< 3.3.6
novell/suse_linux_enterprise_server
10.0 sp4
redhat/enterprise_linux
5
redhat/enterprise_linux_desktop
5.0
... and 5 more
Published
Jun 13, 2012
Tracked Since
Feb 18, 2026