7.1

CVE-2010-2537

The btrfs_ioctl_clone function in fs/btrfs/ioctl.c in the Linux kernel before 2.6.35 allows local users to overwrite an append-only file via a (1) BTRFS_IOC_CLONE or (2) BTRFS_IOC_CLONE_RANGE ioctl call that specifies this file as a donor.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version < 2.6.35
CanonicalUbuntu Linux Version9.10
CanonicalUbuntu Linux Version10.04 SwEdition-
CanonicalUbuntu Linux Version10.10
SuseSuse Linux Enterprise Desktop Version11 Updatesp1
SuseSuse Linux Enterprise Server Version11 Updatesp1
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.39% 0.306
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.1 1.8 5.2
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
nvd@nist.gov 6.6 3.9 9.2
AV:L/AC:L/Au:N/C:N/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00004.html
Third Party Advisory
Mailing List
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.35
Broken Link
http://secunia.com/advisories/42758
Broken Link
http://www.ubuntu.com/usn/USN-1041-1
Third Party Advisory
http://www.vupen.com/english/advisories/2011/0070
Broken Link
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=2ebc3464781ad24474abcbd2274e6254689853b5
http://www.openwall.com/lists/oss-security/2010/07/21/10
Patch
Third Party Advisory
Mailing List
http://www.openwall.com/lists/oss-security/2010/07/21/4
Patch
Third Party Advisory
Mailing List
http://www.securityfocus.com/bid/41847
Third Party Advisory
VDB Entry
https://bugzilla.redhat.com/show_bug.cgi?id=616998
Patch
Third Party Advisory
Issue Tracking