iproute 2.4.7 and previous versions allows local users to cause a denial of service via spoofed messages as other users to the kernel netlink interface.
Herbert Xu reported that local users could cause a denial of service
against iproute, a set of tools for controlling networking in Linux
kernels iproute uses the netlink interface to communicate with the
kernel, but failed to verify that the messages it received came from
the kernel (rather than from other user processes)
For the current stable d ...