Vulnerability CVE-2010-2943


Published: 2010-09-30   Modified: 2012-02-13

Description:
The xfs implementation in the Linux kernel before 2.6.35 does not look up inode allocation btrees before reading inode buffers, which allows remote authenticated users to read unlinked files, or read or overwrite disk blocks that are currently assigned to an active file but were previously assigned to an unlinked file, by accessing a stale NFS filehandle.

See advisories in our WLB2 database:
Topic
Author
Date
High
XFS Deleted Inode Local Information Disclosure Vulnerability
Red Hat
06.10.2010

Type:

CWE-200

(Information Exposure)

CVSS2 => (AV:N/AC:M/Au:S/C:C/I:C/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.9/10
9.2/10
6.8/10
Exploit range
Attack complexity
Authentication
Remote
Medium
Single time
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
None
Affected software
Linux -> Kernel 
Linux -> Linux kernel 

 References:
http://article.gmane.org/gmane.comp.file-systems.xfs.general/33767
http://article.gmane.org/gmane.comp.file-systems.xfs.general/33768
http://article.gmane.org/gmane.comp.file-systems.xfs.general/33769
http://article.gmane.org/gmane.comp.file-systems.xfs.general/33771
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=1920779e67cbf5ea8afef317777c5bf2b8096188
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=7124fe0a5b619d65b739477b3b55a20bf805b06d
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=7b6259e7a83647948fa33a736cc832310c8d85aa
http://oss.sgi.com/archives/xfs/2010-06/msg00191.html
http://oss.sgi.com/archives/xfs/2010-06/msg00198.html
http://support.avaya.com/css/P8/documents/100113326
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.35
http://www.openwall.com/lists/oss-security/2010/08/18/2
http://www.openwall.com/lists/oss-security/2010/08/19/5
http://www.redhat.com/support/errata/RHSA-2010-0723.html
http://www.securityfocus.com/archive/1/520102/100/0/threaded
http://www.securityfocus.com/bid/42527
http://www.ubuntu.com/usn/USN-1041-1
http://www.ubuntu.com/usn/USN-1057-1
http://www.vmware.com/security/advisories/VMSA-2011-0012.html
http://www.vupen.com/english/advisories/2011/0070
http://www.vupen.com/english/advisories/2011/0280
https://bugzilla.redhat.com/show_bug.cgi?id=624923

Copyright 2024, cxsecurity.com

 

Back to Top