5.5

CVE-2010-2066

The mext_check_arguments function in fs/ext4/move_extent.c in the Linux kernel before 2.6.35 allows local users to overwrite an append-only file via a MOVE_EXT ioctl call that specifies this file as a donor.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version < 2.6.35
VMwareEsx Version4.0
VMwareEsx Version4.1
CanonicalUbuntu Linux Version6.06
CanonicalUbuntu Linux Version8.04
CanonicalUbuntu Linux Version9.04
CanonicalUbuntu Linux Version9.10
CanonicalUbuntu Linux Version10.04 SwEdition-
CanonicalUbuntu Linux Version10.10
SuseSuse Linux Enterprise Desktop Version11 Updatesp1
SuseSuse Linux Enterprise Server Version11 Updatesp1
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.38% 0.293
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
nvd@nist.gov 2.1 3.9 2.9
AV:L/AC:L/Au:N/C:N/I:P/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://www.securityfocus.com/archive/1/516397/100/0/threaded
Third Party Advisory
VDB Entry
http://www.vmware.com/security/advisories/VMSA-2011-0003.html
Patch
Third Party Advisory
http://secunia.com/advisories/43315
Broken Link
http://www.redhat.com/support/errata/RHSA-2010-0610.html
Broken Link
http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00000.html
Third Party Advisory
Mailing List
http://www.ubuntu.com/usn/USN-1000-1
Third Party Advisory
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.35
Broken Link
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1f5a81e41f8b1a782c68d3843e9ec1bfaadf7d72
http://www.openwall.com/lists/oss-security/2010/06/07/1
Patch
Third Party Advisory
Mailing List
http://www.openwall.com/lists/oss-security/2010/06/09/1
Patch
Third Party Advisory
Mailing List
https://bugzilla.redhat.com/show_bug.cgi?id=601006
Patch
Third Party Advisory
Issue Tracking