kernel: multiple vulnerabilities

Package(s): kernel kernel-pae
CVE #(s): CVE-2010-1641 CVE-2010-2071 CVE-2010-2066
Created: July 8, 2010
Updated: March 8, 2011
Description:

From the Pardus advisory:

CVE-2010-1641: The do_gfs2_set_flags function in fs/gfs2/file.c in the Linux kernel before 2.6.34-git10 does not verify the ownership of a file, which allows local users to bypass intended access restrictions via a SETFLAGS ioctl request.

CVE-2010-2071: The btrfs_xattr_set_acl function in fs/btrfs/acl.c in btrfs in the Linux kernel 2.6.34 and earlier does not check file ownership before setting an ACL, which allows local users to bypass file permissions by setting arbitrary ACLs, as demonstrated using setfacl.

CVE-2010-2066: If the donor file is an append-only file, we should not allow the operation to proceed, lest we end up overwriting the contents of an append-only file.

Alerts:
Ubuntu USN-1083-1 2011-03-03
Ubuntu USN-1074-2 2011-02-28
Ubuntu USN-1074-1 2011-02-25
MeeGo MeeGo-SA-10:38 2010-10-09
Fedora FEDORA-2010-18983 2010-12-17
openSUSE openSUSE-SU-2010:0664-1 2010-09-23
Fedora FEDORA-2010-14235 2010-09-08
CentOS CESA-2010:0610 2010-08-11
Red Hat RHSA-2010:0610-01 2010-08-10
openSUSE openSUSE-SU-2010:0481-1 2010-08-09
Ubuntu USN-966-1 2010-08-04
Fedora FEDORA-2010-11412 2010-07-27
SUSE SUSE-SA:2010:033 2010-08-02
Ubuntu USN-1000-1 2010-10-19
Fedora FEDORA-2010-10876 2010-07-07
Fedora FEDORA-2010-10880 2010-07-07
Pardus 2010-94 2010-07-08
SUSE SUSE-SA:2010:031 2010-07-20
openSUSE openSUSE-SU-2010:0397-1 2010-07-19
CentOS CESA-2010:0504 2010-07-02

kernel: multiple vulnerabilities

Posted Jul 28, 2010 10:50 UTC (Wed) by robbe (guest, #16131) [Link]

The description of the CVE-2010-2066 issue was a bit mystifying, and the CVE has not been marked public yet. Here is a link with more information:
http://bugs.pardus.org.tr/show_bug.cgi?id=13450

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds