CVE-2010-3850

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 2.6.36.2

Description The issue allows local users to bypass intended access restrictions and configure econet addresses. This is due to the ec dev ioctl function in net/econet/af econet.c not requiring the CAP NET ADMIN capability, enabling users to make changes via an SIOCSIFADDR ioctl call.

Recommendations For versions prior to 2.6.36.2, update to version 2.6.36.2 or later to resolve the issue.