Ubuntu.comUB:CVE-2010-2226CVE-2010-2226
2.1 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
0.0004 Low
EPSS
Percentile
10.1%
The xfs_swapext function in fs/xfs/xfs_dfrag.c in the Linux kernel before
2.6.35 does not properly check the file descriptors passed to the SWAPEXT
ioctl, which allows local users to leverage write access and obtain read
access by swapping one file into another file.
Bugs
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 8.04 | noarch | linux | < 2.6.24-28.80 | UNKNOWN |
| ubuntu | 9.04 | noarch | linux | < 2.6.28-19.66 | UNKNOWN |
| ubuntu | 9.10 | noarch | linux | < 2.6.31-22.67 | UNKNOWN |
| ubuntu | 9.10 | noarch | linux-ec2 | < 2.6.31-307.21 | UNKNOWN |
| ubuntu | 10.04 | noarch | linux-ec2 | < 2.6.32-309.18 | UNKNOWN |
| ubuntu | 9.10 | noarch | linux-fsl-imx51 | < 2.6.31-112.30 | UNKNOWN |
| ubuntu | 10.04 | noarch | linux-fsl-imx51 | < 2.6.31-608.22 | UNKNOWN |
| ubuntu | 10.04 | noarch | linux-lts-backport-maverick | < 2.6.35-25.44~lucid1 | UNKNOWN |
References
marc.info/?l=oss-security&m=127677135609357&w=2
launchpad.net/bugs/cve/CVE-2010-2226
nvd.nist.gov/vuln/detail/CVE-2010-2226
security-tracker.debian.org/tracker/CVE-2010-2226
ubuntu.com/security/notices/USN-1000-1
ubuntu.com/security/notices/USN-1074-1
ubuntu.com/security/notices/USN-1074-2
ubuntu.com/security/notices/USN-1083-1
www.cve.org/CVERecord?id=CVE-2010-2226
Related
2.1 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
0.0004 Low
EPSS
Percentile
10.1%