CVE-2010-2071 in Kernelinformation

Résumé (Anglaise)

The btrfs_xattr_set_acl function in fs/btrfs/acl.c in btrfs in the Linux kernel 2.6.34 and earlier does not check file ownership before setting an ACL, which allows local users to bypass file permissions by setting arbitrary ACLs, as demonstrated using setfacl.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Réserver

25/05/2010

Divulgation

16/06/2010

Statut

Confirmé

Entrées

VulDB provides additional information and datapoints for this CVE:

IDVulnérabilitéCWEExpConCVE
53670Linux Kernel btrfs_xattr_set_acl élévation de privilèges264Non définiNon définiCVE-2010-2071

Description

CPE

CWE

CVSS

Exploits

Histoire

Diff

Relier

Renseignements sur les menaces

API JSON

API XML

API CSV

Sources

PrécédentAperçuSuivant

Do you know our Splunk app?

Download it now for free!