8.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
6.4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:P/A:N
0.02 Low
EPSS
Percentile
88.8%
The xfs implementation in the Linux kernel before 2.6.35 does not look up
inode allocation btrees before reading inode buffers, which allows remote
authenticated users to read unlinked files, or read or overwrite disk
blocks that are currently assigned to an active file but were previously
assigned to an unlinked file, by accessing a stale NFS filehandle.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 8.04 | noarch | linux | < 2.6.24-28.82 | UNKNOWN |
ubuntu | 9.10 | noarch | linux | < 2.6.31-22.70 | UNKNOWN |
ubuntu | 10.04 | noarch | linux | < 2.6.32-27.49 | UNKNOWN |
ubuntu | 10.10 | noarch | linux | < 2.6.35-22.35 | UNKNOWN |
ubuntu | 9.10 | noarch | linux-ec2 | < 2.6.31-307.23 | UNKNOWN |
ubuntu | 10.04 | noarch | linux-ec2 | < 2.6.32-311.22 | UNKNOWN |
ubuntu | 9.10 | noarch | linux-fsl-imx51 | < 2.6.31-112.30 | UNKNOWN |
ubuntu | 10.04 | noarch | linux-fsl-imx51 | < 2.6.31-608.21 | UNKNOWN |
ubuntu | 10.04 | noarch | linux-lts-backport-maverick | < 2.6.35-23.40~lucid1 | UNKNOWN |
ubuntu | 10.04 | noarch | linux-mvl-dove | < 2.6.32-213.29 | UNKNOWN |
www.openwall.com/lists/oss-security/2010/08/18/2
launchpad.net/bugs/cve/CVE-2010-2943
nvd.nist.gov/vuln/detail/CVE-2010-2943
security-tracker.debian.org/tracker/CVE-2010-2943
ubuntu.com/security/notices/USN-1041-1
ubuntu.com/security/notices/USN-1057-1
ubuntu.com/security/notices/USN-1072-1
ubuntu.com/security/notices/USN-1074-1
ubuntu.com/security/notices/USN-1074-2
ubuntu.com/security/notices/USN-1083-1
ubuntu.com/security/notices/USN-1093-1
www.cve.org/CVERecord?id=CVE-2010-2943
8.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
6.4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:P/A:N
0.02 Low
EPSS
Percentile
88.8%