Candidate: CVE-2006-0096
References: 
http://www.kernel.org/git/?p=linux/kernel/git/tglx/history.git;a=commitdiff;h=0f1d4813a4a65296e1131f320a60741732bc068f
http://linux.bkbits.net:8080/linux-2.4/cset@1.1448.91.23?nav=index.html|src/|src/drivers|src/drivers/net|src/drivers/net/wan|related/drivers/net/wan/sdla.c
Description: 
Notes: 
 jmm> This was accidentally released as a fix for CVE-2004-2607 in 2.4.27-8:
 jmm> 
 jmm> diff -Nru a/drivers/net/wan/sdla.c b/drivers/net/wan/sdla.c
 jmm> --- a/drivers/net/wan/sdla.c    2005-01-13 08:41:42 -08:00
 jmm> +++ b/drivers/net/wan/sdla.c    2005-01-13 08:41:42 -08:00
 jmm> @@ -1300,6 +1300,8 @@
 jmm>
 jmm>                case SDLA_WRITEMEM:
 jmm>                case SDLA_READMEM:
 jmm> +                       if(!capable(CAP_SYS_RAWIO))
 jmm> +                               return -EPERM;
 jmm>                         return(sdla_xfer(dev, (struct sdla_mem *)ifr->ifr_data, cmd == SDLA_READMEM));
 jmm> 
 jmm>                case SDLA_START:
 horms> I only see reference to CVE-2004-2607 in patch-tracking,
 horms> not in the changelog for 2.4.27-8, so I don't think the first line
 horms> of the statement above is correct
Bugs: 
upstream: released (2.6.11), fixed (2.4.29)
linux-2.6: N/A
2.6.8-sarge-security: released (2.6.8-16sarge2) [net-sdla-coverty.dpatch]
2.4.27-sarge-security: released (2.4.27-8) [129_net_sdla_coverty.diff]
2.4.19-woody-security: 
2.4.18-woody-security: 
2.4.17-woody-security: 
2.4.16-woody-security: 
2.4.17-woody-security-hppa: 
2.4.17-woody-security-ia64: