CVE-2010-2071

The btrfs_xattr_set_acl function in fs/btrfs/acl.c in btrfs in the Linux kernel 2.6.34 and earlier does not check file ownership before setting an ACL, which allows local users to bypass file permissions by setting arbitrary ACLs, as demonstrated using setfacl.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.6 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:P/I:P/A:P
redhatCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 19%
VendorProductVersion
linuxlinux_kernel
𝑥
≤ 2.6.34
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
linux
lucid
Fixed 2.6.32-24.39
released
karmic
Fixed 2.6.31-22.61
released
jaunty
not-affected
hardy
not-affected
dapper
dne
linux-source-2.6.15
lucid
dne
karmic
dne
jaunty
dne
hardy
dne
dapper
not-affected
Common Weakness Enumeration
References
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=2f26afba
http://lkml.org/lkml/2010/5/17/544
http://www.openwall.com/lists/oss-security/2010/06/11/3
http://www.openwall.com/lists/oss-security/2010/06/14/2
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=2f26afba
http://lkml.org/lkml/2010/5/17/544
http://www.openwall.com/lists/oss-security/2010/06/11/3
http://www.openwall.com/lists/oss-security/2010/06/14/2