Hello,
Last November a bug was found in iproute. CAN-2003-0856 has more information.
Basically, netlink packets can come from any user. If a program performs action
based on netlink packets, they must be examined to make sure they came from the
place they are expected (the kernel).
Attached is a patch against pre8. Please apply this before releasing 1.00 final.
All users of busy box may be vulnerable to local attacks without it.
Best Regards,
Steve Grubb