CVE-2010-1146
12.04.2010, 18:30
The Linux kernel 2.6.33.2 and earlier, when a ReiserFS filesystem exists, does not restrict read or write access to the .reiserfs_priv directory, which allows local users to gain privileges by modifying (1) extended attributes or (2) ACLs, as demonstrated by deleting a file under .reiserfs_priv/xattrs/.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| linux | linux_kernel | 𝑥 ≤ 2.6.33.2 |
𝑥
= Vulnerable software versions
Ubuntu Releases
openSUSE / SLES Releases
openSUSE Product | |||||||
|---|---|---|---|---|---|---|---|
| kernel-default |
| ||||||
| kernel-docs |
| ||||||
| kernel-macros |
| ||||||
| kernel-obs-build |
| ||||||
| kernel-source |
| ||||||
| kernel-syms |
| ||||||
| kernel-vanilla-base |
|
Common Weakness Enumeration
References