Lucene search

K

Veracode Vulnerability DatabaseVERACODE:24293

HistoryApr 10, 2020 - 12:51 a.m.

Authorization Bypass

2020-04-1000:51:58

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

9

0.02 Low

EPSS

Percentile

89.0%

kernel is vulnerable to authorization bypass. A flaw was found in the Linux kernel’s XFS file system implementation. The file handle lookup could return an invalid inode as valid. If an XFS file system was mounted via NFS (Network File System), a local attacker could access stale data or overwrite existing data that reused the inodes.

CPENameOperatorVersion
kerneleq2.6.18__92.1.6.el5
kerneleq2.6.18__92.1.26.el5
kerneleq2.6.18__92.1.18.el5
kerneleq2.6.18__92.1.13.el5
kerneleq2.6.18__194.el5
kerneleq2.6.18__128.1.10.el5
kerneleq2.6.18__164.el5
kerneleq2.6.18__92.el5
kerneleq2.6.18__128.1.1.el5
kerneleq2.6.18__8.1.6.el5

Rows per page:

1-10 of 1021

References

article.gmane.org/gmane.comp.file-systems.xfs.general/33767

article.gmane.org/gmane.comp.file-systems.xfs.general/33768

article.gmane.org/gmane.comp.file-systems.xfs.general/33769

article.gmane.org/gmane.comp.file-systems.xfs.general/33771

docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/5/html/5.5_Technical_Notes/kernel.html#id3512212

git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1920779e67cbf5ea8afef317777c5bf2b8096188

git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=7124fe0a5b619d65b739477b3b55a20bf805b06d

git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=7b6259e7a83647948fa33a736cc832310c8d85aa

git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=1920779e67cbf5ea8afef317777c5bf2b8096188

git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=7124fe0a5b619d65b739477b3b55a20bf805b06d

git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=7b6259e7a83647948fa33a736cc832310c8d85aa

oss.sgi.com/archives/xfs/2010-06/msg00191.html

oss.sgi.com/archives/xfs/2010-06/msg00198.html

secunia.com/advisories/42758

secunia.com/advisories/43161

secunia.com/advisories/46397

support.avaya.com/css/P8/documents/100113326

www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.35

www.openwall.com/lists/oss-security/2010/08/18/2

www.openwall.com/lists/oss-security/2010/08/19/5

www.redhat.com/security/updates/classification/#important

www.redhat.com/support/errata/RHSA-2010-0723.html

www.securityfocus.com/archive/1/520102/100/0/threaded

www.securityfocus.com/bid/42527

www.ubuntu.com/usn/USN-1041-1

www.ubuntu.com/usn/USN-1057-1

www.vmware.com/security/advisories/VMSA-2011-0012.html

www.vupen.com/english/advisories/2011/0070

www.vupen.com/english/advisories/2011/0280

access.redhat.com/errata/RHSA-2010:0723

bugzilla.redhat.com/show_bug.cgi?id=624923

0.02 Low

EPSS

Percentile

89.0%

Related for VERACODE:24293

ubuntucve1 cvelist1 nvd1 prion1 cve1 oraclelinux2 openvas19 nessus12 ubuntu7 centos1 redhat1 suse1 vmware2