CVE-2010-0007

Publication date 19 January 2010

Last updated 24 July 2024

net/bridge/netfilter/ebtables.c in the ebtables module in the netfilter framework in the Linux kernel before 2.6.33-rc4 does not require the CAP_NET_ADMIN capability for setting or modifying rules, which allows local users to bypass intended access restrictions and configure arbitrary network-traffic filtering via a modified ebtables application.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
linux	9.10 karmic	Fixed 2.6.31-19.56
	9.04 jaunty	Fixed 2.6.28-18.59
	8.10 intrepid	Fixed 2.6.27-17.45
	8.04 LTS hardy	Fixed 2.6.24-27.65
	6.06 LTS dapper	Not in release
linux-source-2.6.15	9.10 karmic	Not in release
	9.04 jaunty	Not in release
	8.10 intrepid	Not in release
	8.04 LTS hardy	Not in release
	6.06 LTS dapper	Fixed 2.6.15-55.82

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package	Patch details
linux	Upstream: http://git.kernel.org/linus/dce766af541f6605fa9889892c0280bab31c66ab

CVE-2010-0007

Status

Patch details

References

Related Ubuntu Security Notices (USN)

Other references