The aac_compat_ioctl function in drivers/scsi/aacraid/linit.c in the Linux kernel prior to 3.11.8 does not require the CAP_SYS_RAWIO capability, which allows local users to bypass intended access restrictions via a crafted ioctl call.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
linux linux kernel |