Lucene search

K
ubuntucveUbuntu.comUB:CVE-2010-1636
HistoryJun 07, 2010 - 12:00 a.m.

CVE-2010-1636

2010-06-0700:00:00
ubuntu.com
ubuntu.com
9

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

0.0005 Low

EPSS

Percentile

16.9%

The btrfs_ioctl_clone function in fs/btrfs/ioctl.c in the btrfs
functionality in the Linux kernel 2.6.29 through 2.6.32, and possibly other
versions, does not ensure that a cloned file descriptor has been opened for
reading, which allows local users to read sensitive information from a
write-only file descriptor.

Bugs

Notes

Author Note
smb No btrfs before Karmic
OSVersionArchitecturePackageVersionFilename
ubuntu9.10noarchlinux< 2.6.31-22.61UNKNOWN
ubuntu10.04noarchlinux< 2.6.32-23.37UNKNOWN

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

0.0005 Low

EPSS

Percentile

16.9%