{ "id": "CVE-2010-1636", "sourceIdentifier": "secalert@redhat.com", "published": "2010-06-08T00:30:01.397", "lastModified": "2024-11-21T01:14:51.490", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The btrfs_ioctl_clone function in fs/btrfs/ioctl.c in the btrfs functionality in the Linux kernel 2.6.29 through 2.6.32, and possibly other versions, does not ensure that a cloned file descriptor has been opened for reading, which allows local users to read sensitive information from a write-only file descriptor." }, { "lang": "es", "value": "La funci\u00f3n btrfs_ioctl_clone en fs/btrfs/ioctl.c en la funcionalidad btrfs del kernel de Linux v2.6.29 a v2.6.32, y posiblemente otras versiones, no garantiza que un descriptor de archivo clonado ha sido abierto solo para lectura, lo cual permite leer informaci\u00f3n sensible de un descriptor de fichero de solo escritura a usuarios locales del sistema." } ], "metrics": { "cvssMetricV2": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "2.0", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "baseScore": 2.1, "accessVector": "LOCAL", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "availabilityImpact": "NONE" }, "baseSeverity": "LOW", "exploitabilityScore": 3.9, "impactScore": 2.9, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "CWE-200" } ] } ], "configurations": [ { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.29:*:*:*:*:*:*:*", "matchCriteriaId": "C386B13F-9D7C-45F8-B86A-886384144A8D" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.29.1:*:*:*:*:*:*:*", "matchCriteriaId": "04BCABEB-DE2A-4C85-BFD5-7A1318479ECA" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.29.2:*:*:*:*:*:*:*", "matchCriteriaId": "A67A63E8-837E-4162-999E-3B3DAAE57C96" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.29.3:*:*:*:*:*:*:*", "matchCriteriaId": "A701E87D-B807-426E-9CD4-6721DBCABE19" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.29.4:*:*:*:*:*:*:*", "matchCriteriaId": "66F6E506-EC0A-4784-BDA3-B7B5CD938B92" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.29.5:*:*:*:*:*:*:*", "matchCriteriaId": "DBFA0277-B491-4BB1-88DC-85362F0A689C" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.29.6:*:*:*:*:*:*:*", "matchCriteriaId": "BE922924-6496-4D24-94A6-8EDD431A4568" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.30:*:*:*:*:*:*:*", "matchCriteriaId": "10E55450-F6D9-483C-9CC8-E651E5A12AB1" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.30.1:*:*:*:*:*:*:*", "matchCriteriaId": "99AC6D46-A0BF-4F1D-88BB-03BF74FDB84F" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.30.2:*:*:*:*:*:*:*", "matchCriteriaId": "CC40B6DE-09D9-422B-965B-7EB9F6661DEB" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.30.3:*:*:*:*:*:*:*", "matchCriteriaId": "FEFB6E91-34CD-4FC5-A8E1-8F5760A9B4C0" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.30.4:*:*:*:*:*:*:*", "matchCriteriaId": "91170B40-4D25-4E40-8F0B-DBC1AE217F99" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.30.5:*:*:*:*:*:*:*", "matchCriteriaId": "9E28B8B9-B832-4D77-BE1A-BB5D8A678678" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.30.6:*:*:*:*:*:*:*", "matchCriteriaId": "56DF61F4-5DA1-4D79-B6C0-0E4DB825FB3A" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.30.7:*:*:*:*:*:*:*", "matchCriteriaId": "468745AA-0BE5-4B22-91FA-2FD350BD2F64" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.30.8:*:*:*:*:*:*:*", "matchCriteriaId": "FF208118-3534-47E5-9943-83EF165F1249" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.30.9:*:*:*:*:*:*:*", "matchCriteriaId": "427E3009-A2F2-4ED2-8D1A-14938F639D2A" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.30.10:*:*:*:*:*:*:*", "matchCriteriaId": "DD3663BD-4EF5-496C-A573-2639C9E72214" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.31:*:*:*:*:*:*:*", "matchCriteriaId": "C4033E0B-A3A1-4CC5-956A-AAA0FB905DDA" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.31.1:*:*:*:*:*:*:*", "matchCriteriaId": "AC3151BF-4BEE-4415-ABA2-E6D40673E591" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.31.2:*:*:*:*:*:*:*", "matchCriteriaId": "1037E899-6DB3-423D-9AD0-FE79A67E9681" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.31.3:*:*:*:*:*:*:*", "matchCriteriaId": "E4DD2F05-F990-417A-BD6D-CD9A7EB2BD55" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.31.4:*:*:*:*:*:*:*", "matchCriteriaId": "0634D7FE-7685-4669-8EF9-54E99683D28E" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.31.5:*:*:*:*:*:*:*", "matchCriteriaId": "9EEEB962-0E8D-402B-989E-96875453C609" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.31.6:*:*:*:*:*:*:*", "matchCriteriaId": "0042D9C4-7081-4DC2-A5B5-2649374B44F3" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.31.7:*:*:*:*:*:*:*", "matchCriteriaId": "9CD18FA2-677A-4934-88E6-0BB78D789875" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.31.8:*:*:*:*:*:*:*", "matchCriteriaId": "24EF19A2-A1CC-4410-8704-EF4041428383" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.31.9:*:*:*:*:*:*:*", "matchCriteriaId": "C9502A7E-2BFF-43A7-BF6B-ADC023BD9331" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.31.10:*:*:*:*:*:*:*", "matchCriteriaId": "6DC9A36E-1779-49DE-83CE-B8479CA018FA" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.31.11:*:*:*:*:*:*:*", "matchCriteriaId": "60B18050-4720-4ACB-AEE2-DEB4BFCA7B6E" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.31.12:*:*:*:*:*:*:*", "matchCriteriaId": "9704C4B5-28F1-4F62-A389-8A9917E8E99D" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.31.13:*:*:*:*:*:*:*", "matchCriteriaId": "6574F543-0B91-49A6-81FA-8142007BCD54" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.32:*:*:*:*:*:*:*", "matchCriteriaId": "46568A0D-F374-4DAB-9B64-FCC74A9AA07B" } ] } ] } ], "references": [ { "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=5dc6416414fb3ec6e2825fd4d20c8bf1d7fe0395", "source": "secalert@redhat.com" }, { "url": "http://www.openwall.com/lists/oss-security/2010/05/18/10", "source": "secalert@redhat.com" }, { "url": "http://www.openwall.com/lists/oss-security/2010/05/18/2", "source": "secalert@redhat.com", "tags": [ "Patch" ] }, { "url": "http://www.openwall.com/lists/oss-security/2010/05/25/8", "source": "secalert@redhat.com" }, { "url": "https://bugs.launchpad.net/ubuntu/+source/linux/+bug/579585", "source": "secalert@redhat.com", "tags": [ "Exploit", "Patch" ] }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=593226", "source": "secalert@redhat.com", "tags": [ "Exploit" ] }, { "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=5dc6416414fb3ec6e2825fd4d20c8bf1d7fe0395", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://www.openwall.com/lists/oss-security/2010/05/18/10", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://www.openwall.com/lists/oss-security/2010/05/18/2", "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ] }, { "url": "http://www.openwall.com/lists/oss-security/2010/05/25/8", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "https://bugs.launchpad.net/ubuntu/+source/linux/+bug/579585", "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Patch" ] }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=593226", "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ] } ] }