Your submission was sent successfully! Close

CVE-2010-1146

Published: 12 April 2010

The Linux kernel 2.6.33.2 and earlier, when a ReiserFS filesystem exists, does not restrict read or write access to the .reiserfs_priv directory, which allows local users to gain privileges by modifying (1) extended attributes or (2) ACLs, as demonstrated by deleting a file under .reiserfs_priv/xattrs/.

Priority

Medium

Status

Package Release Status
linux
Launchpad, Ubuntu, Debian
dapper Does not exist

hardy
Released (2.6.24-28.70)
intrepid Ignored
(was needed [reached end-of-life] now end-of-life)
jaunty
Released (2.6.28-19.61)
karmic
Released (2.6.31-22.60)
lucid
Released (2.6.32-22.35)
upstream Needs triage

linux-source-2.6.15
Launchpad, Ubuntu, Debian
dapper
Released (2.6.15-55.84)
hardy Does not exist

intrepid Does not exist

jaunty Does not exist

karmic Does not exist

lucid Does not exist

upstream Needs triage