oss-sec mailing list archives
Re: CVE-2010-1146 kernel: reiserfs priv escalation
From: Eugene Teo <eugeneteo () kernel sg>
Date: Fri, 09 Apr 2010 15:23:46 +0800
On 04/09/2010 11:12 AM, Eugene Teo wrote:
Credit: Matt McCutchen.
The kernel allows processes to access the internal ".reiserfs_priv" directory at the top of a reiserfs filesystem which is used to store xattrs. Permissions are not enforced in that tree, so unprivileged users can view and potentially modify the xattrs on arbitrary files.
CERT/CC (http://www.cert.org/), report ID VRF#G7I2H94M
https://bugzilla.redhat.com/show_bug.cgi?id=568041
http://marc.info/?l=linux-kernel&m=127076012022155&w=2
http://jon.oberheide.org/files/team-edward.py
Eugene
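A defender-side check for the exposure described in the message above, as an added example that is not part of the original post: it lists reiserfs mounts from /proc/mounts-format text and reports whether ".reiserfs_priv" at the top of each one can be looked up by the calling process. The function names, the state labels and the sample mount table are assumptions made for illustration.

```python
import errno
import os
import re

PRIV_DIR = ".reiserfs_priv"  # directory name as given in the advisory text

# Constructed sample in /proc/mounts format (not taken from the original post).
SAMPLE_MOUNTS = (
    "/dev/sda1 / ext4 rw,relatime 0 0\n"
    "/dev/sdb1 /srv/data reiserfs rw,user_xattr,acl 0 0\n"
    "/dev/sdc1 /mnt/old\\040disk reiserfs rw 0 0\n"
)


def reiserfs_mounts(mounts_text):
    """Return reiserfs mount points, decoding octal escapes (040 is a space)."""
    points = []
    for line in mounts_text.splitlines():
        fields = line.split()
        if len(fields) >= 3 and fields[2] == "reiserfs":
            mp = re.sub(r"\\([0-7]{3})", lambda m: chr(int(m.group(1), 8)), fields[1])
            points.append(mp)
    return points


def probe(mount_point, lstat=os.lstat):
    """Classify how PRIV_DIR at the top of mount_point looks to this process."""
    try:
        lstat(os.path.join(mount_point, PRIV_DIR))
    except OSError as exc:
        if exc.errno in (errno.EACCES, errno.EPERM):
            return "denied"
        if exc.errno == errno.ENOENT:
            return "hidden"
        return "error:" + errno.errorcode.get(exc.errno, str(exc.errno))
    return "reachable"  # the lookup succeeded: the access the advisory describes


def audit(mounts_text, lstat=os.lstat):
    """Map every reiserfs mount point to its probe() state."""
    return {mp: probe(mp, lstat) for mp in reiserfs_mounts(mounts_text)}


if __name__ == "__main__":
    # Run as the unprivileged account whose view of the filesystem matters.
    with open("/proc/mounts") as fh:
        for mp, state in audit(fh.read()).items():
            print(f"{state:10} {mp}")
```

The lstat parameter exists so the classification can be exercised without a reiserfs volume; on a live host the default os.lstat is used.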