The utimensat system call (sys_utimensat) in Linux kernel 2.6.22 and other versions before 2.6.25.3 does not check file permissions when certain UTIME_NOW and UTIME_OMIT combinations are used, which allows local users to modify file times of arbitrary files, possibly leading to a denial of service.
References
Configurations
Configuration 1 (hide)
|
History
07 Nov 2023, 02:02
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Information
Published : 2008-05-12 21:20
Updated : 2024-02-28 11:21
NVD link : CVE-2008-2148
Mitre link : CVE-2008-2148
CVE.ORG link : CVE-2008-2148
JSON object : View
Products Affected
linux
- linux_kernel
CWE
CWE-264
Permissions, Privileges, and Access Controls