PT-2010-3679 · Linux+1 · Linux Kernel+1

Dan Rosenberg

Published

2010-08-10

Updated

2024-06-15

CVE-2010-2066

CVSS v2.0

2.1

Low

Vector

AV:L/AC:L/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 2.6.35

Description The issue allows local users to overwrite an append-only file. This is achieved through a MOVE EXT ioctl call that specifies the append-only file as a donor, exploiting the mext check arguments function in fs/ext4/move extent.c.

Recommendations For versions prior to 2.6.35, update to version 2.6.35 or later to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2010-2066

OPENSUSE-SU-2024:10128-1

RHSA-2010:0610

RHSA-2010_0610

Affected Products

Linux Kernel

Red Hat

PT-2010-3679 · Linux+1 · Linux Kernel+1

CVE-2010-2066

Related Identifiers

Affected Products

References · 222