Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2010-0727

Опубликовано: 11 мар. 2010
Источник: redhat
CVSS2: 4.9
EPSS Низкий

Описание

The gfs2_lock function in the Linux kernel before 2.6.34-rc1-next-20100312, and the gfs_lock function in the Linux kernel on Red Hat Enterprise Linux (RHEL) 5 and 6, does not properly remove POSIX locks on files that are setgid without group-execute permission, which allows local users to cause a denial of service (BUG and system crash) by locking a file on a (1) GFS or (2) GFS2 filesystem, and then changing this file's permissions.

Отчет

This issue did not affect the version of Linux kernel as shipped with Red Hat Enterprise MRG, as it did not include support for the GFS and GFS2 file systems. For the GFS issue, it was addressed in Red Hat Enterprise Linux 3 in the gfs package, 4 in the GFS-kernel package, and 5 in the gfs-kmod package, via RHSA-2010:9493, RHSA-2010:9494, RHSA-2010:0291 respectively. For the GFS2 issue, it was addressed in Red Hat Enterprise Linux 5 in the kernel package via RHSA-2010:0178.

Ссылки на источники

Дополнительная информация

Статус:

Moderate
https://bugzilla.redhat.com/show_bug.cgi?id=570863kernel: bug in GFS/GFS2 locking code leads to dos

EPSS

Процентиль: 23%
0.00073
Низкий

4.9 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2010-0727

ubuntu
больше 15 лет назад

The gfs2_lock function in the Linux kernel before 2.6.34-rc1-next-20100312, and the gfs_lock function in the Linux kernel on Red Hat Enterprise Linux (RHEL) 5 and 6, does not properly remove POSIX locks on files that are setgid without group-execute permission, which allows local users to cause a denial of service (BUG and system crash) by locking a file on a (1) GFS or (2) GFS2 filesystem, and then changing this file's permissions.

nvd логотип

CVE-2010-0727

nvd
больше 15 лет назад

The gfs2_lock function in the Linux kernel before 2.6.34-rc1-next-20100312, and the gfs_lock function in the Linux kernel on Red Hat Enterprise Linux (RHEL) 5 and 6, does not properly remove POSIX locks on files that are setgid without group-execute permission, which allows local users to cause a denial of service (BUG and system crash) by locking a file on a (1) GFS or (2) GFS2 filesystem, and then changing this file's permissions.

debian логотип

CVE-2010-0727

debian
больше 15 лет назад

The gfs2_lock function in the Linux kernel before 2.6.34-rc1-next-2010 ...

github логотип

GHSA-xfgm-rcpf-gf3q

github
около 3 лет назад

The gfs2_lock function in the Linux kernel before 2.6.34-rc1-next-20100312, and the gfs_lock function in the Linux kernel on Red Hat Enterprise Linux (RHEL) 5 and 6, does not properly remove POSIX locks on files that are setgid without group-execute permission, which allows local users to cause a denial of service (BUG and system crash) by locking a file on a (1) GFS or (2) GFS2 filesystem, and then changing this file's permissions.

oracle-oval логотип

ELSA-2010-0291

oracle-oval
около 15 лет назад

ELSA-2010-0291: gfs-kmod security, bug fix and enhancement update (MODERATE)

EPSS

Процентиль: 23%
0.00073
Низкий

4.9 Medium

CVSS2