Lucene search

Ubuntu.comUB:CVE-2010-2525

HistoryMay 16, 2012 - 12:00 a.m.

CVE-2010-2525

2012-05-1600:00:00

ubuntu.com

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.3%

JSON

A flaw was discovered in gfs2 file system’s handling of acls (access
control lists). An unprivileged local attacker could exploit this flaw to
gain access or execute any file stored in the gfs2 file system.

Bugs

<https://launchpad.net/bugs/1001030>

Notes

Author	Note
jdstrand	linux-armadaxp is maintained by OEM

OSVersionArchitecturePackageVersionFilename
ubuntu8.04noarchlinux< 2.6.24-28.80UNKNOWN
ubuntu9.04noarchlinux< 2.6.28-19.66UNKNOWN
ubuntu9.10noarchlinux< 2.6.31-22.67UNKNOWN
ubuntu10.04noarchlinux< 2.6.32-25.43UNKNOWN
ubuntu10.10noarchlinux< 2.6.35-22.35UNKNOWN
ubuntu9.10noarchlinux-ec2< 2.6.31-307.21UNKNOWN
ubuntu10.04noarchlinux-ec2< 2.6.32-309.17UNKNOWN
ubuntu6.06noarchlinux-source-2.6.15< 2.6.15-55.89UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	8.04	noarch	linux	< 2.6.24-28.80	UNKNOWN
ubuntu	9.04	noarch	linux	< 2.6.28-19.66	UNKNOWN
ubuntu	9.10	noarch	linux	< 2.6.31-22.67	UNKNOWN
ubuntu	10.04	noarch	linux	< 2.6.32-25.43	UNKNOWN
ubuntu	10.10	noarch	linux	< 2.6.35-22.35	UNKNOWN
ubuntu	9.10	noarch	linux-ec2	< 2.6.31-307.21	UNKNOWN
ubuntu	10.04	noarch	linux-ec2	< 2.6.32-309.17	UNKNOWN
ubuntu	6.06	noarch	linux-source-2.6.15	< 2.6.15-55.89	UNKNOWN

References

launchpad.net/bugs/cve/CVE-2010-2525

nvd.nist.gov/vuln/detail/CVE-2010-2525

security-tracker.debian.org/tracker/CVE-2010-2525

ubuntu.com/security/notices/USN-1000-1

www.cve.org/CVERecord?id=CVE-2010-2525

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.3%

JSON

Related for UB:CVE-2010-2525