CVE-2010-2071

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 2.6.35

Description The issue allows local users to bypass file permissions by setting arbitrary ACLs, as demonstrated using setfacl, due to the btrfs xattr set acl function in fs/btrfs/acl.c not checking file ownership before setting an ACL.

Recommendations For Linux kernel versions prior to 2.6.35, update to a version 2.6.35 or later to resolve the issue.