The xfs implementation in the Linux kernel before 2.6.35 does not look up inode allocation btrees before reading inode buffers, which allows remote authenticated users to read unlinked files, or read or overwrite disk blocks that are currently assigned to an active file but were previously assigned to an unlinked file, by accessing a stale NFS filehandle.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
History
No history.
Information
Published : 2010-09-30 15:00
Updated : 2024-02-28 11:41
NVD link : CVE-2010-2943
Mitre link : CVE-2010-2943
CVE.ORG link : CVE-2010-2943
JSON object : View
Products Affected
avaya
- aura_system_platform
- aura_system_manager
- aura_session_manager
- aura_voice_portal
- iq
- aura_communication_manager
- aura_presence_services
linux
- linux_kernel
canonical
- ubuntu_linux
vmware
- esx
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor