CVE-2005-2801

xattr.c in the ext2 and ext3 file system code for Linux kernel 2.6 does not properly compare the name_index fields when sharing xattr blocks, which could prevent default ACLs from being applied.
References
Link Resource
http://acl.bestbits.at/pipermail/acl-devel/2005-February/001848.html Broken Link Exploit
http://lists.debian.org/debian-kernel/2005/08/msg00238.html Mailing List Patch
http://secunia.com/advisories/17073 Broken Link
http://secunia.com/advisories/17826 Broken Link
http://secunia.com/advisories/18056 Broken Link
http://secunia.com/advisories/18059 Broken Link
http://secunia.com/advisories/19252 Broken Link
http://www.debian.org/security/2005/dsa-921 Third Party Advisory
http://www.debian.org/security/2005/dsa-922 Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2005:219 Broken Link
http://www.novell.com/linux/security/advisories/2005_18_kernel.html Broken Link Patch Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2005-514.html Broken Link
http://www.redhat.com/support/errata/RHSA-2006-0144.html Broken Link
http://www.securityfocus.com/archive/1/427980/100/0/threaded Broken Link Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/14793 Broken Link Third Party Advisory VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10495 Broken Link
http://acl.bestbits.at/pipermail/acl-devel/2005-February/001848.html Broken Link Exploit
http://lists.debian.org/debian-kernel/2005/08/msg00238.html Mailing List Patch
http://secunia.com/advisories/17073 Broken Link
http://secunia.com/advisories/17826 Broken Link
http://secunia.com/advisories/18056 Broken Link
http://secunia.com/advisories/18059 Broken Link
http://secunia.com/advisories/19252 Broken Link
http://www.debian.org/security/2005/dsa-921 Third Party Advisory
http://www.debian.org/security/2005/dsa-922 Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2005:219 Broken Link
http://www.novell.com/linux/security/advisories/2005_18_kernel.html Broken Link Patch Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2005-514.html Broken Link
http://www.redhat.com/support/errata/RHSA-2006-0144.html Broken Link
http://www.securityfocus.com/archive/1/427980/100/0/threaded Broken Link Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/14793 Broken Link Third Party Advisory VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10495 Broken Link
Configurations

Configuration 1 (hide)

cpe:2.3:o:linux:linux_kernel:2.6.0:*:*:*:*:*:*:*

History

21 Nov 2024, 00:00

Type Values Removed Values Added
References () http://acl.bestbits.at/pipermail/acl-devel/2005-February/001848.html - Broken Link, Exploit () http://acl.bestbits.at/pipermail/acl-devel/2005-February/001848.html - Broken Link, Exploit
References () http://lists.debian.org/debian-kernel/2005/08/msg00238.html - Mailing List, Patch () http://lists.debian.org/debian-kernel/2005/08/msg00238.html - Mailing List, Patch
References () http://secunia.com/advisories/17073 - Broken Link () http://secunia.com/advisories/17073 - Broken Link
References () http://secunia.com/advisories/17826 - Broken Link () http://secunia.com/advisories/17826 - Broken Link
References () http://secunia.com/advisories/18056 - Broken Link () http://secunia.com/advisories/18056 - Broken Link
References () http://secunia.com/advisories/18059 - Broken Link () http://secunia.com/advisories/18059 - Broken Link
References () http://secunia.com/advisories/19252 - Broken Link () http://secunia.com/advisories/19252 - Broken Link
References () http://www.debian.org/security/2005/dsa-921 - Third Party Advisory () http://www.debian.org/security/2005/dsa-921 - Third Party Advisory
References () http://www.debian.org/security/2005/dsa-922 - Third Party Advisory () http://www.debian.org/security/2005/dsa-922 - Third Party Advisory
References () http://www.mandriva.com/security/advisories?name=MDKSA-2005:219 - Broken Link () http://www.mandriva.com/security/advisories?name=MDKSA-2005:219 - Broken Link
References () http://www.novell.com/linux/security/advisories/2005_18_kernel.html - Broken Link, Patch, Vendor Advisory () http://www.novell.com/linux/security/advisories/2005_18_kernel.html - Broken Link, Patch, Vendor Advisory
References () http://www.redhat.com/support/errata/RHSA-2005-514.html - Broken Link () http://www.redhat.com/support/errata/RHSA-2005-514.html - Broken Link
References () http://www.redhat.com/support/errata/RHSA-2006-0144.html - Broken Link () http://www.redhat.com/support/errata/RHSA-2006-0144.html - Broken Link
References () http://www.securityfocus.com/archive/1/427980/100/0/threaded - Broken Link, Third Party Advisory, VDB Entry () http://www.securityfocus.com/archive/1/427980/100/0/threaded - Broken Link, Third Party Advisory, VDB Entry
References () http://www.securityfocus.com/bid/14793 - Broken Link, Third Party Advisory, VDB Entry () http://www.securityfocus.com/bid/14793 - Broken Link, Third Party Advisory, VDB Entry
References () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10495 - Broken Link () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10495 - Broken Link

16 Feb 2024, 16:53

Type Values Removed Values Added
CWE NVD-CWE-Other CWE-697
CVSS v2 : 5.0
v3 : unknown
v2 : 5.0
v3 : 7.5
References (MLIST) http://acl.bestbits.at/pipermail/acl-devel/2005-February/001848.html - Exploit (MLIST) http://acl.bestbits.at/pipermail/acl-devel/2005-February/001848.html - Broken Link, Exploit
References (MANDRAKE) http://www.mandriva.com/security/advisories?name=MDKSA-2005:219 - (MANDRAKE) http://www.mandriva.com/security/advisories?name=MDKSA-2005:219 - Broken Link
References (FEDORA) http://www.securityfocus.com/archive/1/427980/100/0/threaded - (FEDORA) http://www.securityfocus.com/archive/1/427980/100/0/threaded - Broken Link, Third Party Advisory, VDB Entry
References (SECUNIA) http://secunia.com/advisories/18059 - (SECUNIA) http://secunia.com/advisories/18059 - Broken Link
References (MLIST) http://lists.debian.org/debian-kernel/2005/08/msg00238.html - Patch (MLIST) http://lists.debian.org/debian-kernel/2005/08/msg00238.html - Mailing List, Patch
References (REDHAT) http://www.redhat.com/support/errata/RHSA-2005-514.html - (REDHAT) http://www.redhat.com/support/errata/RHSA-2005-514.html - Broken Link
References (DEBIAN) http://www.debian.org/security/2005/dsa-922 - (DEBIAN) http://www.debian.org/security/2005/dsa-922 - Third Party Advisory
References (SECUNIA) http://secunia.com/advisories/17826 - (SECUNIA) http://secunia.com/advisories/17826 - Broken Link
References (SECUNIA) http://secunia.com/advisories/17073 - (SECUNIA) http://secunia.com/advisories/17073 - Broken Link
References (SUSE) http://www.novell.com/linux/security/advisories/2005_18_kernel.html - Patch, Vendor Advisory (SUSE) http://www.novell.com/linux/security/advisories/2005_18_kernel.html - Broken Link, Patch, Vendor Advisory
References (SECUNIA) http://secunia.com/advisories/18056 - (SECUNIA) http://secunia.com/advisories/18056 - Broken Link
References (REDHAT) http://www.redhat.com/support/errata/RHSA-2006-0144.html - (REDHAT) http://www.redhat.com/support/errata/RHSA-2006-0144.html - Broken Link
References (OVAL) https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10495 - (OVAL) https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10495 - Broken Link
References (BID) http://www.securityfocus.com/bid/14793 - (BID) http://www.securityfocus.com/bid/14793 - Broken Link, Third Party Advisory, VDB Entry
References (DEBIAN) http://www.debian.org/security/2005/dsa-921 - (DEBIAN) http://www.debian.org/security/2005/dsa-921 - Third Party Advisory
References (SECUNIA) http://secunia.com/advisories/19252 - (SECUNIA) http://secunia.com/advisories/19252 - Broken Link

Information

Published : 2005-09-06 17:03

Updated : 2024-11-21 00:00


NVD link : CVE-2005-2801

Mitre link : CVE-2005-2801

CVE.ORG link : CVE-2005-2801


JSON object : View

Products Affected

linux

  • linux_kernel
CWE
CWE-697

Incorrect Comparison