{ "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2010-2226", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The xfs_swapext function in fs/xfs/xfs_dfrag.c in the Linux kernel before 2.6.35 does not properly check the file descriptors passed to the SWAPEXT ioctl, which allows local users to leverage write access and obtain read access by swapping one file into another file." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "RHSA-2010:0610", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2010-0610.html" }, { "name": "[xfs] 20100616 Re: [Security] XFS swapext ioctl minor security issues", "refsource": "MLIST", "url": "http://archives.free.net.ph/message/20100616.135735.40f53a32.en.html" }, { "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=1817176a86352f65210139d4c794ad2d19fc6b63", "refsource": "CONFIRM", "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=1817176a86352f65210139d4c794ad2d19fc6b63" }, { "name": "USN-1000-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-1000-1" }, { "name": "[oss-security] 20100618 Re: CVE request - kernel: xfs swapext ioctl issue", "refsource": "MLIST", "url": "http://marc.info/?l=oss-security&m=127687486331790&w=2" }, { "name": "MDVSA-2010:198", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:198" }, { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=605158", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=605158" }, { "name": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.35", "refsource": "CONFIRM", "url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.35" }, { "name": "SUSE-SA:2011:007", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html" }, { "name": "SUSE-SA:2010:060", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00004.html" }, { "name": "ADV-2011-0298", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2011/0298" }, { "name": "[oss-security] 20100617 CVE request - kernel: xfs swapext ioctl issue", "refsource": "MLIST", "url": "http://marc.info/?l=oss-security&m=127677135609357&w=2" }, { "name": "43315", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/43315" }, { "name": "[xfs] 20100616 Re: [Security] XFS swapext ioctl minor security issues", "refsource": "MLIST", "url": "http://archives.free.net.ph/message/20100616.130710.301704aa.en.html" }, { "name": "DSA-2094", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2010/dsa-2094" }, { "name": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html", "refsource": "CONFIRM", "url": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html" }, { "name": "40920", "refsource": "BID", "url": "http://www.securityfocus.com/bid/40920" }, { "name": "20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/516397/100/0/threaded" } ] } }