Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2010-2943

Опубликовано: 30 сент. 2010
Источник: nvd
CVSS3: 8.1
CVSS2: 6.4
EPSS Низкий

Описание

The xfs implementation in the Linux kernel before 2.6.35 does not look up inode allocation btrees before reading inode buffers, which allows remote authenticated users to read unlinked files, or read or overwrite disk blocks that are currently assigned to an active file but were previously assigned to an unlinked file, by accessing a stale NFS filehandle.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия до 2.6.35 (исключая)
Конфигурация 2

Одно из

cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:-:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*
Конфигурация 3

Одно из

cpe:2.3:o:vmware:esx:4.0:*:*:*:*:*:*:*
cpe:2.3:o:vmware:esx:4.1:*:*:*:*:*:*:*
Конфигурация 4

Одно из

cpe:2.3:a:avaya:aura_communication_manager:5.2:*:*:*:*:*:*:*
cpe:2.3:a:avaya:aura_presence_services:6.0:*:*:*:*:*:*:*
cpe:2.3:a:avaya:aura_presence_services:6.1:*:*:*:*:*:*:*
cpe:2.3:a:avaya:aura_presence_services:6.1.1:*:*:*:*:*:*:*
cpe:2.3:a:avaya:aura_session_manager:1.1:*:*:*:*:*:*:*
cpe:2.3:a:avaya:aura_session_manager:5.2:*:*:*:*:*:*:*
cpe:2.3:a:avaya:aura_session_manager:6.0:*:*:*:*:*:*:*
cpe:2.3:a:avaya:aura_system_manager:5.2:*:*:*:*:*:*:*
cpe:2.3:a:avaya:aura_system_manager:6.0:*:*:*:*:*:*:*
cpe:2.3:a:avaya:aura_system_manager:6.1:*:*:*:*:*:*:*
cpe:2.3:a:avaya:aura_system_manager:6.1.1:*:*:*:*:*:*:*
cpe:2.3:a:avaya:aura_system_platform:1.1:*:*:*:*:*:*:*
cpe:2.3:a:avaya:aura_system_platform:6.0:-:*:*:*:*:*:*
cpe:2.3:a:avaya:aura_system_platform:6.0:sp1:*:*:*:*:*:*
cpe:2.3:a:avaya:aura_voice_portal:5.0:*:*:*:*:*:*:*
cpe:2.3:a:avaya:aura_voice_portal:5.1:-:*:*:*:*:*:*
cpe:2.3:a:avaya:aura_voice_portal:5.1:sp1:*:*:*:*:*:*
cpe:2.3:a:avaya:iq:5.0:*:*:*:*:*:*:*
cpe:2.3:a:avaya:iq:5.1:*:*:*:*:*:*:*

EPSS

Процентиль: 84%
0.02402
Низкий

8.1 High

CVSS3

6.4 Medium

CVSS2

Дефекты

CWE-200

Связанные уязвимости

ubuntu логотип

CVE-2010-2943

CVSS3: 8.1
ubuntu
больше 14 лет назад

The xfs implementation in the Linux kernel before 2.6.35 does not look up inode allocation btrees before reading inode buffers, which allows remote authenticated users to read unlinked files, or read or overwrite disk blocks that are currently assigned to an active file but were previously assigned to an unlinked file, by accessing a stale NFS filehandle.

redhat логотип

CVE-2010-2943

redhat
около 15 лет назад

The xfs implementation in the Linux kernel before 2.6.35 does not look up inode allocation btrees before reading inode buffers, which allows remote authenticated users to read unlinked files, or read or overwrite disk blocks that are currently assigned to an active file but were previously assigned to an unlinked file, by accessing a stale NFS filehandle.

debian логотип

CVE-2010-2943

CVSS3: 8.1
debian
больше 14 лет назад

The xfs implementation in the Linux kernel before 2.6.35 does not look ...

github логотип

GHSA-hm34-64r3-w24r

CVSS3: 8.1
github
около 3 лет назад

The xfs implementation in the Linux kernel before 2.6.35 does not look up inode allocation btrees before reading inode buffers, which allows remote authenticated users to read unlinked files, or read or overwrite disk blocks that are currently assigned to an active file but were previously assigned to an unlinked file, by accessing a stale NFS filehandle.

oracle-oval логотип

ELSA-2010-2008

oracle-oval
больше 14 лет назад

ELSA-2010-2008: Unbreakable enterprise kernel security update (IMPORTANT)

EPSS

Процентиль: 84%
0.02402
Низкий

8.1 High

CVSS3

6.4 Medium

CVSS2

Дефекты

CWE-200