Описание
The Linux kernel 2.6.33.2 and earlier, when a ReiserFS filesystem exists, does not restrict read or write access to the .reiserfs_priv directory, which allows local users to gain privileges by modifying (1) extended attributes or (2) ACLs, as demonstrated by deleting a file under .reiserfs_priv/xattrs/.
Ссылки
- Mailing ListPatchThird Party Advisory
- Broken Link
- Broken Link
- ExploitThird Party AdvisoryVDB Entry
- ExploitThird Party AdvisoryVDB Entry
- ExploitIssue TrackingPatchThird Party Advisory
- Third Party AdvisoryVDB Entry
- Mailing ListPatchThird Party Advisory
- Broken Link
- Broken Link
- ExploitThird Party AdvisoryVDB Entry
- ExploitThird Party AdvisoryVDB Entry
- ExploitIssue TrackingPatchThird Party Advisory
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
EPSS
6.9 Medium
CVSS2
Дефекты
Связанные уязвимости
The Linux kernel 2.6.33.2 and earlier, when a ReiserFS filesystem exists, does not restrict read or write access to the .reiserfs_priv directory, which allows local users to gain privileges by modifying (1) extended attributes or (2) ACLs, as demonstrated by deleting a file under .reiserfs_priv/xattrs/.
The Linux kernel 2.6.33.2 and earlier, when a ReiserFS filesystem exis ...
The Linux kernel 2.6.33.2 and earlier, when a ReiserFS filesystem exists, does not restrict read or write access to the .reiserfs_priv directory, which allows local users to gain privileges by modifying (1) extended attributes or (2) ACLs, as demonstrated by deleting a file under .reiserfs_priv/xattrs/.
EPSS
6.9 Medium
CVSS2