oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: CVE-2010-1146 kernel: reiserfs priv escalation

From: Eugene Teo <eugeneteo () kernel sg>
Date: Fri, 09 Apr 2010 15:23:46 +0800
On 04/09/2010 11:12 AM, Eugene Teo wrote:

Credit: Matt McCutchen. The kernel allows processes to access the
internal ".reiserfs_priv" directory at the top of a reiserfs filesystem
which is used to store xattrs. Permissions are not enforced in that
tree, so unprivileged users can view and potentially modify the xattrs
on arbitrary files.

CERT/CC (http://www.cert.org/), report ID VRF#G7I2H94M

https://bugzilla.redhat.com/show_bug.cgi?id=568041
http://marc.info/?l=linux-kernel&m=127076012022155&w=2


http://jon.oberheide.org/files/team-edward.py

Eugene
Previous By Date Next
Previous By Thread Next

Current thread: