CVE-2010-0007

Impact: Low
Public Date: 2010-01-08
IAVA: 2011-A-0066
Bugzilla: 555238: CVE-2010-0007 kernel: netfilter: ebtables: enforce CAP_NET_ADMIN

The MITRE CVE dictionary describes this issue as:

net/bridge/netfilter/ebtables.c in the ebtables module in the netfilter framework in the Linux kernel before 2.6.33-rc4 does not require the CAP_NET_ADMIN capability for setting or modifying rules, which allows local users to bypass intended access restrictions and configure arbitrary network-traffic filtering via a modified ebtables application.

Find out more about CVE-2010-0007 from the MITRE CVE dictionary and NIST NVD.

Statement

Red Hat is aware of this issue and is tracking it via the following bug:
https://bugzilla.redhat.com/CVE-2010-0007.

This issue did not affect the version of the Linux kernel as shipped with Red Hat Enterprise Linux 3, as it did not include support for ebtables. This issue was addressed in Red Hat Enterprise Linux 4 and 5 via https://rhn.redhat.com/errata/RHSA-2010-0146.html and https://rhn.redhat.com/errata/RHSA-2010-0147.html respectively. A future update in Red Hat Enterprise MRG may address this flaw.

CVSS v2 metrics

Base Score 4.7
Base Metrics AV:L/AC:H/Au:N/C:N/I:P/A:C
Access Vector Local
Access Complexity High
Authentication None
Confidentiality Impact None
Integrity Impact Partial
Availability Impact Complete

Find out more about Red Hat support for the Common Vulnerability Scoring System (CVSS).

Red Hat Security Errata

Platform                                   Errata          Release Date
Red Hat Enterprise Linux 4 (kernel)        RHSA-2010:0146  2010-03-17
MRG Grid for RHEL 5 Server (kernel-rt)     RHSA-2010:0161  2010-03-23
Red Hat Enterprise Linux 5 (kernel)        RHSA-2010:0147  2010-03-17

Mitigation

CVE description copyright © 2017, The MITRE Corporation