eepro100 security fix [was: Re: MII access]

eepro100 security fix [was: Re: MII access]

Post by Andrey Savochki » Mon, 11 Jun 2001 11:20:08


Please apply the attached patch.
It fixes a security problem of user-controlled access to the card ports from
a non-privileged ioctl which should have read-only semantics.

Best regards

> > > With clearer mind, I have to make some a correction to one of the previous
> > > messages: the problem of not checking arguments range does not apply to
> > > 3c59x which has in the ioctl function '& 0x1f' for both transceiver number
> > > and register number. However, eepro100 and tulip don't do that. (I'm
> > > checking now with 2.4.3 from Mandrake 8, but I don't think that there were
> > > recent changes in these areas).

> > half right -- tulip does this for the phy id but not the MII register
> > number.  I'll fix that up.  Please bug Andrey about fixing up
> > eepro100...

< 1K Download

1. I am looking for Linux Security FAQ and Security related sites


Could you help me, please?
I am looking for a Linux Security FAQ and
Security related Web sites.

I have Slackware (kernel 2.0.30) and one of my users showed me how to
get root rights just for 2 seconds!
It is incredible, but he got them!
It was a trick with a ._ directory.

Thank you for the information!


2. More Help w/ AS200 4/233

3. Is watchdog problem(MII bus driver) on 4.1.1 fixed?

4. Packet Capturing/Forwarding

5. Linux 2.4.18 8139too.c driver fix for mii-tool

6. NCRxx825 wide SCSI - any experience

7. Bad OOps with 2.1.24 and eepro100 (kills kerneld too) [ Including eepro100 kernel patches ]

8. HP Colorado 5Gb tape backup

9. new eepro100 driver: "eepro100: wait_for_cmd_done timeout!"

10. Fwd: eepro100 pm fix (fwd)

11. eepro100 PCI/PM fixes

12. fix SMP lockup in eepro100 with ethtool on unused interface

13. NAPI eepro100 bug fixed