The xfs_swapext function in fs/xfs/xfs_dfrag.c in the Linux kernel prior to 2.6.35 does not properly check the file descriptors passed to the SWAPEXT ioctl, which allows local users to leverage write access and obtain read access by swapping one file into another file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
linux linux kernel |
||
suse linux enterprise server 10 |
||
suse linux enterprise desktop 10 |
||
suse linux enterprise software development kit 10 |
||
debian debian linux 5.0 |
||
canonical ubuntu linux 10.10 |
||
canonical ubuntu linux 9.04 |
||
canonical ubuntu linux 9.10 |
||
canonical ubuntu linux 8.04 |
||
canonical ubuntu linux 10.04 |
||
canonical ubuntu linux 6.06 |