|
|
Subscribe / Log in / New account

kernel: multiple vulnerabilities

Package(s):kernel kernel-pae CVE #(s):CVE-2010-1641 CVE-2010-2071 CVE-2010-2066
Created:July 8, 2010 Updated:March 8, 2011
Description:

From the Pardus advisory:

CVE-2010-1641: The do_gfs2_set_flags function in fs/gfs2/file.c in the Linux kernel before 2.6.34-git10 does not verify the ownership of a file, which allows local users to bypass intended access restrictions via a SETFLAGS ioctl request.

CVE-2010-2071: The btrfs_xattr_set_acl function in fs/btrfs/acl.c in btrfs in the Linux kernel 2.6.34 and earlier does not check file ownership before setting an ACL, which allows local users to bypass file permissions by setting arbitrary ACLs, as demonstrated using setfacl.

CVE-2010-2066: If the donor file is an append-only file, we should not allow the operation to proceed, lest we end up overwriting the contents of an append-only file.

Alerts:
Oracle ELSA-2013-1645 kernel 2013-11-26
Ubuntu USN-1083-1 linux-lts-backport-maverick 2011-03-03
Ubuntu USN-1074-2 linux-fsl-imx51 2011-02-28
Ubuntu USN-1074-1 linux-fsl-imx51 2011-02-25
MeeGo MeeGo-SA-10:38 kernel 2010-10-09
Fedora FEDORA-2010-18983 kernel 2010-12-17
openSUSE openSUSE-SU-2010:0664-1 Linux 2010-09-23
Fedora FEDORA-2010-14235 kernel 2010-09-08
CentOS CESA-2010:0610 kernel 2010-08-11
Red Hat RHSA-2010:0610-01 kernel 2010-08-10
openSUSE openSUSE-SU-2010:0481-1 Linux Kernel 2010-08-09
Ubuntu USN-966-1 linux, linux-{source-2.6.15,ec2,mvl-dove,ti-omap} 2010-08-04
Fedora FEDORA-2010-11412 kernel 2010-07-27
SUSE SUSE-SA:2010:033 kernel 2010-08-02
Ubuntu USN-1000-1 kernel 2010-10-19
Fedora FEDORA-2010-10876 kernel 2010-07-07
Fedora FEDORA-2010-10880 kernel 2010-07-07
Pardus 2010-94 kernel kernel-pae 2010-07-08
SUSE SUSE-SA:2010:031 kernel 2010-07-20
openSUSE openSUSE-SU-2010:0397-1 Linux Kernel 2010-07-19
CentOS CESA-2010:0504 kernel 2010-07-02
to post comments

kernel: multiple vulnerabilities

Posted Jul 28, 2010 10:50 UTC (Wed) by robbe (guest, #16131) [Link]

The description of the CVE-2010-2066 issue was a bit mystifying, and the CVE has not been marked public yet. Here is a link with more information:
http://bugs.pardus.org.tr/show_bug.cgi?id=13450


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds