The aac_compat_ioctl function in drivers/scsi/aacraid/linit.c in the Linux kernel before 3.11.8 does not require the CAP_SYS_RAWIO capability, which allows local users to bypass intended access restrictions via a crafted ioctl call.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Linux_kernel | Linux | 2.6.12 (including) | 3.2.53 (excluding) |
Linux_kernel | Linux | 3.3 (including) | 3.4.69 (excluding) |
Linux_kernel | Linux | 3.5 (including) | 3.10.19 (excluding) |
Linux_kernel | Linux | 3.11 (including) | 3.11.8 (excluding) |