diff options
author | Zhao Xuewen <zhaoxuewen@huawei.com> | 2016-06-07 19:45:52 +0800 |
---|---|---|
committer | Zhao Xuewen <zhaoxuewen@huawei.com> | 2016-06-07 19:45:52 +0800 |
commit | 39f2c179e7b0be85d87303e07f794586a5976f84 (patch) | |
tree | e14ca0c8794b1884a0f9d66055c40f16fbaa7749 | |
parent | 254bb579ffe65ef312b3ab53da9834db51ffe70a (diff) |
net: wireless: bcmdhd: check privilege on priv cmdandroid-wear-6.0.1_r0.33android-wear-6.0.1_r0.18
check net admin capability for ioctl calls
CVE-2016-2475
BUG=26425765
Change-Id: I02d471d8f486e4773d72c67244dcb03b2b4835ed
Signed-off-by: Jerry Lee <jerrylee@broadcom.com>
-rw-r--r-- | drivers/net/wireless/bcmdhd/wl_android.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/drivers/net/wireless/bcmdhd/wl_android.c b/drivers/net/wireless/bcmdhd/wl_android.c index 36ab67bc8866..126cb17bc69e 100644 --- a/drivers/net/wireless/bcmdhd/wl_android.c +++ b/drivers/net/wireless/bcmdhd/wl_android.c @@ -1287,6 +1287,11 @@ int wl_android_priv_cmd(struct net_device *net, struct ifreq *ifr, int cmd) goto exit; } + if (!capable(CAP_NET_ADMIN)) { + ret = -EPERM; + goto exit; + } + #ifdef CONFIG_COMPAT if (is_compat_task()) { compat_android_wifi_priv_cmd compat_priv_cmd; |