Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2010-2537

The btrfs_ioctl_clone function in fs/btrfs/ioctl.c in the Linux kernel before 2.6.35 allows local users to overwrite an append-only file via a (1) BTRFS_IOC_CLONE or (2) BTRFS_IOC_CLONE_RANGE ioctl call that specifies this file as a donor.

Published

2010-09-30T15:00:01.847

Last Modified

2025-04-11T00:51:21.963

Status

Deferred

Source

[email protected]

Severity

CVSSv3.1: 7.1 (HIGH)

CVSSv2 Vector

AV:L/AC:L/Au:N/C:N/I:C/A:C

  • Access Vector: LOCAL
  • Access Complexity: LOW
  • Authentication: NONE
  • Confidentiality Impact: NONE
  • Integrity Impact: COMPLETE
  • Availability Impact: COMPLETE
Exploitability Score

3.9

Impact Score

9.2

Weaknesses
  • Type: Primary
    NVD-CWE-noinfo
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Operating System linux linux_kernel < 2.6.35 Yes
Operating System canonical ubuntu_linux 9.10 Yes
Operating System canonical ubuntu_linux 10.04 Yes
Operating System canonical ubuntu_linux 10.10 Yes
Operating System suse linux_enterprise_high_availability_extension 11 Yes
Operating System suse suse_linux_enterprise_desktop 11 Yes
Operating System suse suse_linux_enterprise_server 11 Yes
References