CVE DATABASE / CVE-2008-3525
CVE-2008-3525
CVSS 7.2 · HIGH
Summary
The sbni_ioctl function in drivers/net/wan/sbni.c in the wan subsystem in the Linux kernel 2.6.26.3 does not check for the CAP_NET_ADMIN capability before processing a (1) SIOCDEVRESINSTATS, (2) SIOCDEVSHWSTATE, (3) SIOCDEVENSLAVE, or (4) SIOCDEVEMANSIPATE ioctl request, which allows local users to bypass intended capability restrictions.
CVSS 2.0 breakdown
| Base score | 7.2 (HIGH) |
| Vector | AV:L/AC:L/Au:N/C:C/I:C/A:C |
| Attack vector | LOCAL |
| Attack complexity | LOW |
| Confidentiality | COMPLETE |
| Integrity | COMPLETE |
| Availability | COMPLETE |
Weakness type (CWE)
Affected products
Linux linux kernel
Check this CVE live
Use our free CVE Lookup tool for the latest NVD record, or browse the full CISA KEV catalog.
References
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f2455eb176ac87081bbfc9a44b21c7cd2bc1967e
- http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00000.html
- http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00003.html
- http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00007.html
- http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00008.html
- http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00010.html
- http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html
- http://secunia.com/advisories/32103
- http://secunia.com/advisories/32237
- http://secunia.com/advisories/32315
- http://secunia.com/advisories/32356
- http://secunia.com/advisories/32370
- http://secunia.com/advisories/32386
- http://secunia.com/advisories/32393
- http://secunia.com/advisories/32759
Data: NIST NVD. NVD last modified 2026-04-23. Always verify against the vendor advisory before acting.