PT-2009-1110 · Linux · Linux Kernel

Eugene Teo · Published 2009-12-13 · Updated 2024-06-15 · CVE-2009-4131

CVSS v2.0: 7.2 (High)

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions

Linux kernel versions prior to 2.6.32-git6

Description

The issue is related to insufficient checks for file permissions in the EXT4_IOC_MOVE_EXT ioctl implementation in the ext4 filesystem. This allows local users to overwrite arbitrary files via a crafted request. The problem is associated with deficiencies in access control.

Recommendations

For Linux kernel versions prior to 2.6.32-git6, update to version 2.6.32-git6 or later to resolve the issue. As a temporary workaround, consider restricting access to the EXT4_IOC_MOVE_EXT ioctl to minimize the risk of exploitation.

Exploit

Fix

Weakness Enumeration

Related identifiers

BDU:2016-02229
CVE-2009-4131
OPENSUSE-SU-2024:10128-1

Affected products

Linux Kernel