CVE-2005-3623

Name of the Vulnerable Software and Affected Versions Linux kernel version 2.6.14.4

Description The issue concerns a lack of privilege checking in the Linux kernel, specifically in the nfs2acl.c file. This omission allows remote attackers to bypass access controls (ACLs) on files located on exported NFS filesystems that are mounted as readonly. This can lead to unauthorized access to files.

Recommendations For Linux kernel version 2.6.14.4, consider restricting access to the nfs2acl.c functionality until a patch is available. As a temporary workaround, restrict the setting of access controls on exported NFS filesystems to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.