Lucene search

K
cvelistRedhatCVELIST:CVE-2014-9710
HistoryMay 27, 2015 - 10:00 a.m.

CVE-2014-9710

2015-05-2710:00:00
redhat
www.cve.org
5

AI Score

7.2

Confidence

High

EPSS

0

Percentile

5.1%

The Btrfs implementation in the Linux kernel before 3.19 does not ensure that the visible xattr state is consistent with a requested replacement, which allows local users to bypass intended ACL settings and gain privileges via standard filesystem operations (1) during an xattr-replacement time window, related to a race condition, or (2) after an xattr-replacement attempt that fails because the data does not fit.

AI Score

7.2

Confidence

High

EPSS

0

Percentile

5.1%