The z90crypt_unlocked_ioctl function in the z90crypt driver in the Linux kernel 2.6.9 does not perform a capability check for the Z90QUIESCE operation, which allows local users to leverage euid 0 privileges to force a driver outage.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Linux_kernel | Linux | 2.6.9 (including) | 2.6.9 (including) |
Red Hat Enterprise Linux 4 | RedHat | kernel-0:2.6.9-89.0.11.EL | * |
Linux-source-2.6.15 | Ubuntu | dapper | * |
Linux-source-2.6.15 | Ubuntu | upstream | * |