CVE - CVE-2010-1636

CVE-ID
CVE-2010-1636	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
The btrfs_ioctl_clone function in fs/btrfs/ioctl.c in the btrfs functionality in the Linux kernel 2.6.29 through 2.6.32, and possibly other versions, does not ensure that a cloned file descriptor has been opened for reading, which allows local users to read sensitive information from a write-only file descriptor.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MLIST:[oss-security] 20100518 Re: kernel: btrfs: check for read permission on src file in the clone ioctl URL:http://www.openwall.com/lists/oss-security/2010/05/18/10 MLIST:[oss-security] 20100518 kernel: btrfs: check for read permission on src file in the clone ioctl URL:http://www.openwall.com/lists/oss-security/2010/05/18/2 MLIST:[oss-security] 20100525 Re: kernel: btrfs: check for read permission on src file in the clone ioctl URL:http://www.openwall.com/lists/oss-security/2010/05/25/8 MISC:https://bugs.launchpad.net/ubuntu/+source/linux/+bug/579585 CONFIRM:http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=5dc6416414fb3ec6e2825fd4d20c8bf1d7fe0395 CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=593226
Assigning CNA
N/A
Date Entry Created
20100429	Disclaimer: The entry creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20100429)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an entry on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: cve@mitre.org