CVE-2010-4347

Published: 22 December 2010

The ACPI subsystem in the Linux kernel before 2.6.36.2 uses 0222 permissions for the debugfs custom_method file, which allows local users to gain privileges by placing a custom ACPI method in the ACPI interpreter tables, related to the acpi_debugfs_init function in drivers/acpi/debugfs.c.

Priority

Status

Package	Release	Status
linux Launchpad, Ubuntu, Debian	dapper	Does not exist
	hardy	Not vulnerable
	karmic	Not vulnerable
	lucid	Not vulnerable
	maverick	Not vulnerable
	upstream	Released (2.6.36.2)
linux-source-2.6.15 Launchpad, Ubuntu, Debian	dapper	Not vulnerable
	hardy	Does not exist
	karmic	Does not exist
	lucid	Does not exist
	maverick	Does not exist
	upstream	Not vulnerable

References

https://www.cve.org/CVERecord?id=CVE-2010-4347
NVD
Launchpad
Debian

Join the discussion

Ubuntu security updates mailing list
Security announcements mailing list

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.