Unrated severityNVD Advisory· Published Sep 3, 2008· Updated Jun 16, 2026
CVE-2008-3525
CVE-2008-3525
Description
The sbni_ioctl function in drivers/net/wan/sbni.c in the wan subsystem in the Linux kernel 2.6.26.3 does not check for the CAP_NET_ADMIN capability before processing a (1) SIOCDEVRESINSTATS, (2) SIOCDEVSHWSTATE, (3) SIOCDEVENSLAVE, or (4) SIOCDEVEMANSIPATE ioctl request, which allows local users to bypass intended capability restrictions.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: 2.6.26.3
Patches
Vulnerability mechanics
References
33- git.kernel.orgnvd
- lists.opensuse.org/opensuse-security-announce/2008-10/msg00000.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2008-10/msg00003.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2008-10/msg00007.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2008-10/msg00008.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2008-10/msg00010.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.htmlnvd
- secunia.com/advisories/32103nvd
- secunia.com/advisories/32237nvd
- secunia.com/advisories/32315nvd
- secunia.com/advisories/32356nvd
- secunia.com/advisories/32370nvd
- secunia.com/advisories/32386nvd
- secunia.com/advisories/32393nvd
- secunia.com/advisories/32759nvd
- secunia.com/advisories/33201nvd
- secunia.com/advisories/33280nvd
- www.debian.org/security/2008/dsa-1653nvd
- www.debian.org/security/2008/dsa-1655nvd
- www.kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.36.7nvd
- www.mandriva.com/security/advisoriesnvd
- www.mandriva.com/security/advisoriesnvd
- www.openwall.com/lists/oss-security/2008/08/29/2nvd
- www.redhat.com/support/errata/RHSA-2008-0787.htmlnvd
- www.redhat.com/support/errata/RHSA-2008-0973.htmlnvd
- www.securitytracker.com/idnvd
- www.ubuntu.com/usn/usn-659-1nvd
- www.vupen.com/english/advisories/2008/2511nvd
- www.vupen.com/english/advisories/2008/2714nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5671nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9364nvd
- www.redhat.com/archives/fedora-package-announce/2008-October/msg00689.htmlnvd
- www.redhat.com/archives/fedora-package-announce/2008-October/msg00693.htmlnvd
News mentions
0No linked articles in our index yet.