{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "The btrfs_ioctl_clone function in fs/btrfs/ioctl.c in the btrfs functionality in the Linux kernel 2.6.29 through 2.6.32, and possibly other versions, does not ensure that a cloned file descriptor has been opened for reading, which allows local users to read sensitive information from a write-only file descriptor."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2010-06-07T20:00:00Z"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://bugs.launchpad.net/ubuntu/+source/linux/+bug/579585"}, {"name": "[oss-security] 20100518 Re: kernel: btrfs: check for read permission on src file in the clone ioctl", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2010/05/18/10"}, {"name": "[oss-security] 20100518 kernel: btrfs: check for read permission on src file in the clone ioctl", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2010/05/18/2"}, {"name": "[oss-security] 20100525 Re: kernel: btrfs: check for read permission on src file in the clone ioctl", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2010/05/25/8"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=593226"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=5dc6416414fb3ec6e2825fd4d20c8bf1d7fe0395"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T01:28:43.266Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://bugs.launchpad.net/ubuntu/+source/linux/+bug/579585"}, {"name": "[oss-security] 20100518 Re: kernel: btrfs: check for read permission on src file in the clone ioctl", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2010/05/18/10"}, {"name": "[oss-security] 20100518 kernel: btrfs: check for read permission on src file in the clone ioctl", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2010/05/18/2"}, {"name": "[oss-security] 20100525 Re: kernel: btrfs: check for read permission on src file in the clone ioctl", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2010/05/25/8"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=593226"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=5dc6416414fb3ec6e2825fd4d20c8bf1d7fe0395"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2010-1636", "state": "PUBLISHED", "dateReserved": "2010-04-29T00:00:00Z", "datePublished": "2010-06-07T20:00:00Z", "dateUpdated": "2024-08-07T01:28:43.266Z"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.29:*:*:*:*:*:*:*", "matchCriteriaId": "C386B13F-9D7C-45F8-B86A-886384144A8D", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.29.1:*:*:*:*:*:*:*", "matchCriteriaId": "04BCABEB-DE2A-4C85-BFD5-7A1318479ECA", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.29.2:*:*:*:*:*:*:*", "matchCriteriaId": "A67A63E8-837E-4162-999E-3B3DAAE57C96", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.29.3:*:*:*:*:*:*:*", "matchCriteriaId": "A701E87D-B807-426E-9CD4-6721DBCABE19", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.29.4:*:*:*:*:*:*:*", "matchCriteriaId": "66F6E506-EC0A-4784-BDA3-B7B5CD938B92", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.29.5:*:*:*:*:*:*:*", "matchCriteriaId": "DBFA0277-B491-4BB1-88DC-85362F0A689C", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.29.6:*:*:*:*:*:*:*", "matchCriteriaId": "BE922924-6496-4D24-94A6-8EDD431A4568", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.30:*:*:*:*:*:*:*", "matchCriteriaId": "10E55450-F6D9-483C-9CC8-E651E5A12AB1", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.30.1:*:*:*:*:*:*:*", "matchCriteriaId": "99AC6D46-A0BF-4F1D-88BB-03BF74FDB84F", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.30.2:*:*:*:*:*:*:*", "matchCriteriaId": "CC40B6DE-09D9-422B-965B-7EB9F6661DEB", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.30.3:*:*:*:*:*:*:*", "matchCriteriaId": "FEFB6E91-34CD-4FC5-A8E1-8F5760A9B4C0", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.30.4:*:*:*:*:*:*:*", "matchCriteriaId": "91170B40-4D25-4E40-8F0B-DBC1AE217F99", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.30.5:*:*:*:*:*:*:*", "matchCriteriaId": "9E28B8B9-B832-4D77-BE1A-BB5D8A678678", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.30.6:*:*:*:*:*:*:*", "matchCriteriaId": "56DF61F4-5DA1-4D79-B6C0-0E4DB825FB3A", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.30.7:*:*:*:*:*:*:*", "matchCriteriaId": "468745AA-0BE5-4B22-91FA-2FD350BD2F64", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.30.8:*:*:*:*:*:*:*", "matchCriteriaId": "FF208118-3534-47E5-9943-83EF165F1249", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.30.9:*:*:*:*:*:*:*", "matchCriteriaId": "427E3009-A2F2-4ED2-8D1A-14938F639D2A", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.30.10:*:*:*:*:*:*:*", "matchCriteriaId": "DD3663BD-4EF5-496C-A573-2639C9E72214", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.31:*:*:*:*:*:*:*", "matchCriteriaId": "C4033E0B-A3A1-4CC5-956A-AAA0FB905DDA", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.31.1:*:*:*:*:*:*:*", "matchCriteriaId": "AC3151BF-4BEE-4415-ABA2-E6D40673E591", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.31.2:*:*:*:*:*:*:*", "matchCriteriaId": "1037E899-6DB3-423D-9AD0-FE79A67E9681", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.31.3:*:*:*:*:*:*:*", "matchCriteriaId": "E4DD2F05-F990-417A-BD6D-CD9A7EB2BD55", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.31.4:*:*:*:*:*:*:*", "matchCriteriaId": "0634D7FE-7685-4669-8EF9-54E99683D28E", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.31.5:*:*:*:*:*:*:*", "matchCriteriaId": "9EEEB962-0E8D-402B-989E-96875453C609", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.31.6:*:*:*:*:*:*:*", "matchCriteriaId": "0042D9C4-7081-4DC2-A5B5-2649374B44F3", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.31.7:*:*:*:*:*:*:*", "matchCriteriaId": "9CD18FA2-677A-4934-88E6-0BB78D789875", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.31.8:*:*:*:*:*:*:*", "matchCriteriaId": "24EF19A2-A1CC-4410-8704-EF4041428383", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.31.9:*:*:*:*:*:*:*", "matchCriteriaId": "C9502A7E-2BFF-43A7-BF6B-ADC023BD9331", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.31.10:*:*:*:*:*:*:*", "matchCriteriaId": "6DC9A36E-1779-49DE-83CE-B8479CA018FA", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.31.11:*:*:*:*:*:*:*", "matchCriteriaId": "60B18050-4720-4ACB-AEE2-DEB4BFCA7B6E", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.31.12:*:*:*:*:*:*:*", "matchCriteriaId": "9704C4B5-28F1-4F62-A389-8A9917E8E99D", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.31.13:*:*:*:*:*:*:*", "matchCriteriaId": "6574F543-0B91-49A6-81FA-8142007BCD54", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.32:*:*:*:*:*:*:*", "matchCriteriaId": "46568A0D-F374-4DAB-9B64-FCC74A9AA07B", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The btrfs_ioctl_clone function in fs/btrfs/ioctl.c in the btrfs functionality in the Linux kernel 2.6.29 through 2.6.32, and possibly other versions, does not ensure that a cloned file descriptor has been opened for reading, which allows local users to read sensitive information from a write-only file descriptor."}, {"lang": "es", "value": "La funci\u00f3n btrfs_ioctl_clone en fs/btrfs/ioctl.c en la funcionalidad btrfs del kernel de Linux v2.6.29 a v2.6.32, y posiblemente otras versiones, no garantiza que un descriptor de archivo clonado ha sido abierto solo para lectura, lo cual permite leer informaci\u00f3n sensible de un descriptor de fichero de solo escritura a usuarios locales del sistema."}], "id": "CVE-2010-1636", "lastModified": "2023-02-13T04:18:58.807", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2010-06-08T00:30:01.397", "references": [{"source": "secalert@redhat.com", "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=5dc6416414fb3ec6e2825fd4d20c8bf1d7fe0395"}, {"source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2010/05/18/10"}, {"source": "secalert@redhat.com", "tags": ["Patch"], "url": "http://www.openwall.com/lists/oss-security/2010/05/18/2"}, {"source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2010/05/25/8"}, {"source": "secalert@redhat.com", "tags": ["Exploit", "Patch"], "url": "https://bugs.launchpad.net/ubuntu/+source/linux/+bug/579585"}, {"source": "secalert@redhat.com", "tags": ["Exploit"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=593226"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}