CVE-2010-1146

2010-04-12T18:30:00
ID CVE-2010-1146
Type cve
Reporter cve@mitre.org
Modified 2017-08-17T01:32:00

Description

The Linux kernel 2.6.33.2 and earlier, when a ReiserFS filesystem exists, does not restrict read or write access to the .reiserfs_priv directory, which allows local users to gain privileges by modifying (1) extended attributes or (2) ACLs, as demonstrated by deleting a file under .reiserfs_priv/xattrs/.