PT-2010-2862 · Linux · Linux Kernel

Matt Mccutchen

Published

2010-04-12

Updated

2024-06-15

CVE-2010-1146

CVSS v2.0

6.9

Medium

Vector

AV:L/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Linux kernel versions 2.6.33.2 and earlier

Description The issue allows local users to gain privileges by modifying extended attributes or ACLs when a ReiserFS filesystem exists. This can be achieved by deleting a file under .reiserfs priv/xattrs/.

Recommendations For Linux kernel versions 2.6.33.2 and earlier, restrict read or write access to the .reiserfs priv directory to prevent local users from gaining privileges.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-264

Related Identifiers

CVE-2010-1146

OPENSUSE-SU-2024:10128-1

Affected Products

Linux Kernel

PT-2010-2862 · Linux · Linux Kernel

CVE-2010-1146

Weakness Enumeration

Related Identifiers

Affected Products

References · 92