Vulnerability Description
The btrfs_ioctl_clone function in fs/btrfs/ioctl.c in the btrfs functionality in the Linux kernel 2.6.29 through 2.6.32, and possibly other versions, does not ensure that a cloned file descriptor has been opened for reading, which allows local users to read sensitive information from a write-only file descriptor.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | 2.6.29 |
Related Weaknesses (CWE)
References
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%
- http://www.openwall.com/lists/oss-security/2010/05/18/10
- http://www.openwall.com/lists/oss-security/2010/05/18/2Patch
- http://www.openwall.com/lists/oss-security/2010/05/25/8
- https://bugs.launchpad.net/ubuntu/+source/linux/+bug/579585ExploitPatch
- https://bugzilla.redhat.com/show_bug.cgi?id=593226Exploit
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%
- http://www.openwall.com/lists/oss-security/2010/05/18/10
- http://www.openwall.com/lists/oss-security/2010/05/18/2Patch
- http://www.openwall.com/lists/oss-security/2010/05/25/8
- https://bugs.launchpad.net/ubuntu/+source/linux/+bug/579585ExploitPatch
- https://bugzilla.redhat.com/show_bug.cgi?id=593226Exploit
FAQ
What is CVE-2010-1636?
CVE-2010-1636 is a vulnerability with a CVSS score of 2.1 (LOW). The btrfs_ioctl_clone function in fs/btrfs/ioctl.c in the btrfs functionality in the Linux kernel 2.6.29 through 2.6.32, and possibly other versions, does not ensure that a cloned file descriptor has ...
How severe is CVE-2010-1636?
CVE-2010-1636 has been rated LOW with a CVSS base score of 2.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2010-1636?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.