lisa/android_kernel_xiaomi_sm8350
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
82fac0542e
android_kernel_xiaomi_sm8350/net
History
Björn Steinbrink 82fac0542e [NETFILTER]: Missing check for CAP_NET_ADMIN in iptables compat layer 
The 32bit compatibility layer has no CAP_NET_ADMIN check in
compat_do_ipt_get_ctl, which for example allows to list the current
iptables rules even without having that capability (the non-compat
version requires it). Other capabilities might be required to exploit
the bug (eg. CAP_NET_RAW to get the nfnetlink socket?), so a plain user
can't exploit it, but a setup actually using the posix capability system
might very well hit such a constellation of granted capabilities.

Signed-off-by: Björn Steinbrink <B.Steinbrink@gmx.de>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-10-20 00:21:10 -07:00
..
802 [TR]: endiannness annotations 2006-09-28 17:53:59 -07:00
8021q [PATCH] Finish annotations of struct vlan_ethhdr 2006-10-10 16:15:34 -07:00
appletalk [ATALK]: endianness annotations 2006-09-28 17:53:58 -07:00
atm Remove all inclusions of <linux/config.h> 2006-10-04 03:38:54 -04:00
ax25
bluetooth [Bluetooth] Add locking for bt_proto array manipulation 2006-10-15 23:14:34 -07:00
bridge [BRIDGE]: flush forwarding table when device carrier off 2006-10-15 23:14:13 -07:00
core [NETPOLL]: initialize skb for UDP 2006-10-19 23:58:23 -07:00
dccp [NET]: Use typesafe inet_twsk() inline function instead of cast. 2006-10-11 23:59:58 -07:00
decnet [DECNET]: Fix input routing bug 2006-10-18 20:45:22 -07:00
econet
ethernet [NET]: Annotate dst_ops protocol 2006-09-28 18:02:58 -07:00
ieee80211 [PATCH] bcm43xx: WE-21 support 2006-09-25 16:52:16 -04:00
ipv4 [NETFILTER]: Missing check for CAP_NET_ADMIN in iptables compat layer 2006-10-20 00:21:10 -07:00
ipv6 [IPV6]: Fix route.c warnings when multiple tables are disabled. 2006-10-18 21:20:57 -07:00
ipx
irda [PATCH] strndup() would better take size_t, not int 2006-10-10 15:37:24 -07:00
key IPsec: correct semantics for SELinux policy matching 2006-10-11 23:59:37 -07:00
lapb
llc
netfilter [NETFILTER]: ctnetlink: Remove debugging messages 2006-10-15 23:14:11 -07:00
netlabel NetLabel: fix a cache race condition 2006-10-11 23:59:29 -07:00
netlink [GENL]: Provide more information to userspace about registered genl families 2006-09-22 15:18:51 -07:00
netrom
packet [NET]: Fix sk->sk_filter field access 2006-09-22 15:18:47 -07:00
rose
rxrpc [PATCH] kmemdup: some users 2006-10-01 00:39:19 -07:00
sched [PKT_SCHED] sch_htb: use rb_first() cleanup 2006-10-12 01:52:05 -07:00
sctp [IPV6]: Make sure error handling is done when calling ip6_route_output(). 2006-10-18 19:55:27 -07:00
sunrpc [PATCH] knfsd: Allow lockd to drop replies as appropriate 2006-10-17 08:18:46 -07:00
tipc [TIPC]: Updated TIPC version number to 1.6.2 2006-10-18 19:55:24 -07:00
unix [AF_UNIX]: Change max_dgram_qlen sysctl to __read_mostly 2006-09-22 15:18:42 -07:00
wanrouter
x25
xfrm [XFRM]: Fix xfrm_state_num going negative. 2006-10-15 23:14:18 -07:00
compat.c [NET]: File descriptor loss while receiving SCM_RIGHTS 2006-10-11 23:59:48 -07:00
Kconfig [NET] Kconfig: fix cut/paste error in TCPPROBE 2006-09-28 17:53:57 -07:00
Makefile [NetLabel]: core NetLabel subsystem 2006-09-22 14:53:34 -07:00
nonet.c
socket.c [PATCH] file: modify struct fown_struct to use a struct pid 2006-10-02 07:57:14 -07:00
sysctl_net.c
TUNABLE