QwikSec

Security Database

CVE

CWE

Training

CVE-2010-1636

Published: Jun 7, 2010

Modified: Aug 7, 2024

PUBLISHED

Description

The btrfs_ioctl_clone function in fs/btrfs/ioctl.c in the btrfs functionality in the Linux kernel 2.6.29 through 2.6.32, and possibly other versions, does not ensure that a cloned file descriptor has been opened for reading, which allows local users to read sensitive information from a write-only file descriptor.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://bugs.launchpad.net/ubuntu/+source/linux/+bug/579585

x_refsource_MISC

[oss-security] 20100518 Re: kernel: btrfs: check for read permission on src file in the clone ioctl

mailing-list

x_refsource_MLIST

[oss-security] 20100518 kernel: btrfs: check for read permission on src file in the clone ioctl

mailing-list

x_refsource_MLIST

[oss-security] 20100525 Re: kernel: btrfs: check for read permission on src file in the clone ioctl

mailing-list

x_refsource_MLIST

https://bugzilla.redhat.com/show_bug.cgi?id=593226

x_refsource_CONFIRM

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=5dc6416414fb3ec6e2825fd4d20c8bf1d7fe0395

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.