The Linux kernel 2.6.33.2 and earlier, when a ReiserFS filesystem exists, does not restrict read or write access to the .reiserfs_priv directory, which allows local users to gain privileges by modifying (1) extended attributes or (2) ACLs, as demonstrated by deleting a file under .reiserfs_priv/xattrs/.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2010-04-12T18:00:00
Updated: 2024-08-07T01:14:05.681Z
Reserved: 2010-03-29T00:00:00
Link: CVE-2010-1146
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2010-04-12T18:30:00.757
Modified: 2020-08-28T16:06:50.227
Link: CVE-2010-1146
Redhat
No data.