CVE-2010-2066

Published: Sep 8, 2010

Modified: Aug 7, 2024

PUBLISHED

Description

The mext_check_arguments function in fs/ext4/move_extent.c in the Linux kernel before 2.6.35 allows local users to overwrite an append-only file via a MOVE_EXT ioctl call that specifies this file as a donor.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

RHSA-2010:0610

vendor-advisory

x_refsource_REDHAT

USN-1000-1

vendor-advisory

x_refsource_UBUNTU

SUSE-SA:2010:033

vendor-advisory

x_refsource_SUSE

http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.35

x_refsource_CONFIRM

[oss-security] 20100607 CVE request - kernel: ext4: Make sure the MOVE_EXT ioctl can't overwrite append-only files

mailing-list

x_refsource_MLIST

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1f5a81e41f8b1a782c68d3843e9ec1bfaadf7d72

x_refsource_CONFIRM

43315

third-party-advisory

x_refsource_SECUNIA

[oss-security] 20100609 Re: CVE request - kernel: ext4: Make sure the MOVE_EXT ioctl can't overwrite append-only files

mailing-list

x_refsource_MLIST

https://bugzilla.redhat.com/show_bug.cgi?id=601006

x_refsource_CONFIRM

http://www.vmware.com/security/advisories/VMSA-2011-0003.html

x_refsource_CONFIRM

20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX

mailing-list

x_refsource_BUGTRAQ

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2010-2066

Description

Affected Products

References