Vulnerability Description
The xfs implementation in the Linux kernel before 2.6.35 does not look up inode allocation btrees before reading inode buffers, which allows remote authenticated users to read unlinked files, or read or overwrite disk blocks that are currently assigned to an active file but were previously assigned to an unlinked file, by accessing a stale NFS filehandle.
CVSS Score
8.1 (HIGH)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | < 2.6.35 |
| Canonical | Ubuntu Linux | 6.06 |
| VMware | ESX | 4.0 |
| Avaya | Aura Communication Manager | 5.2 |
| Avaya | Aura Presence Services | 6.0 |
| Avaya | Aura Session Manager | 1.1 |
| Avaya | Aura System Manager | 5.2 |
| Avaya | Aura System Platform | 1.1 |
| Avaya | Aura Voice Portal | 5.0 |
| Avaya | IQ | 5.0 |
Related Weaknesses (CWE)
References
- http://article.gmane.org/gmane.comp.file-systems.xfs.general/33767 (Broken Link)
- http://article.gmane.org/gmane.comp.file-systems.xfs.general/33768 (Broken Link)
- http://article.gmane.org/gmane.comp.file-systems.xfs.general/33769 (Broken Link)
- http://article.gmane.org/gmane.comp.file-systems.xfs.general/33771 (Broken Link)
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=
- http://oss.sgi.com/archives/xfs/2010-06/msg00191.html (Broken Link)
- http://oss.sgi.com/archives/xfs/2010-06/msg00198.html (Broken Link)
- http://secunia.com/advisories/42758 (Broken Link)
- http://secunia.com/advisories/43161 (Broken Link)
- http://secunia.com/advisories/46397 (Broken Link)
- http://support.avaya.com/css/P8/documents/100113326 (Third Party Advisory)
- http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.35 (Broken Link)
- http://www.openwall.com/lists/oss-security/2010/08/18/2 (Mailing List, Patch, Third Party Advisory)
FAQ
What is CVE-2010-2943?
CVE-2010-2943 is a vulnerability with a CVSS score of 8.1 (HIGH). The xfs implementation in the Linux kernel before 2.6.35 does not look up inode allocation btrees before reading inode buffers, which allows remote authenticated users to read unlinked files, or read ...
How severe is CVE-2010-2943?
CVE-2010-2943 has been rated HIGH with a CVSS base score of 8.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2010-2943?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel, Canonical Ubuntu Linux, VMware ESX, Avaya Aura Communication Manager, Avaya Aura Presence Services.