CVE-2010-2226

medium

Description

The xfs_swapext function in fs/xfs/xfs_dfrag.c in the Linux kernel before 2.6.35 does not properly check the file descriptors passed to the SWAPEXT ioctl, which allows local users to leverage write access and obtain read access by swapping one file into another file.

References

https://bugzilla.redhat.com/show_bug.cgi?id=605158

http://www.vupen.com/english/advisories/2011/0298

http://www.vmware.com/security/advisories/VMSA-2011-0003.html

http://www.ubuntu.com/usn/USN-1000-1

http://www.securityfocus.com/bid/40920

http://www.securityfocus.com/archive/1/516397/100/0/threaded

http://www.redhat.com/support/errata/RHSA-2010-0610.html

http://www.mandriva.com/security/advisories?name=MDVSA-2010:198

http://www.debian.org/security/2010/dsa-2094

http://secunia.com/advisories/43315

http://marc.info/?l=oss-security&m=127687486331790&w=2

http://marc.info/?l=oss-security&m=127677135609357&w=2

http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html

http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00004.html

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1817176a86352f65210139d4c794ad2d19fc6b63

Details

Source: Mitre, NVD

Published: 2010-09-03

Updated: 2025-04-11

Risk Information

CVSS v2

Base Score: 2.1

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N

Severity: Low

CVSS v3

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Severity: Medium