CVE-2010-2066

Published: 08 September 2010

The mext_check_arguments function in fs/ext4/move_extent.c in the Linux kernel before 2.6.35 allows local users to overwrite an append-only file via a MOVE_EXT ioctl call that specifies this file as a donor.

From the Ubuntu security team

Dan Rosenberg discovered that the MOVE_EXT ext4 ioctl did not correctly check file permissions. A local attacker could overwrite append-only files, leading to potential data loss.

Priority

Medium

CVSS 3 base score: 5.5

Status

Package Release Status
linux
Launchpad, Ubuntu, Debian 		Upstream
Released (2.6.35)
Patches:
upstream: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=1f5a81e41f8b1a782c68d3843e9ec1bfaadf7d72
Karmic: http://chinstrap.ubuntu.com/~bradf/CVEs/CVE-2010-2066/patches/karmic/linux/0001-ext4-Make-sure-the-MOVE_EXT-ioctl-can-t-overwrite-appe.txt
linux-ec2
Launchpad, Ubuntu, Debian 		Upstream Needs triage

linux-fsl-imx51
Launchpad, Ubuntu, Debian 		Upstream Needs triage

linux-lts-backport-maverick
Launchpad, Ubuntu, Debian 		Upstream Needs triage

linux-source-2.6.15
Launchpad, Ubuntu, Debian 		Upstream Needs triage

References

Join the discussion

Canonical is offering Extended Security Maintenance

Canonical is offering Ubuntu Extended Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›

Further reading