The xfs implementation in the Linux kernel prior to 2.6.35 does not look up inode allocation btrees before reading inode buffers, which allows remote authenticated users to read unlinked files, or read or overwrite disk blocks that are currently assigned to an active file but were previously assigned to an unlinked file, by accessing a stale NFS filehandle.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
linux linux kernel |
||
canonical ubuntu linux 10.10 |
||
canonical ubuntu linux 9.10 |
||
canonical ubuntu linux 10.04 |
||
canonical ubuntu linux 6.06 |
||
vmware esx 4.1 |
||
vmware esx 4.0 |
||
avaya aura system manager 6.0 |
||
avaya aura system manager 5.2 |
||
avaya aura communication manager 5.2 |
||
avaya aura system platform 1.1 |
||
avaya aura system platform 6.0 |
||
avaya aura system manager 6.1 |
||
avaya aura system manager 6.1.1 |
||
avaya aura session manager 1.1 |
||
avaya aura session manager 5.2 |
||
avaya aura session manager 6.0 |
||
avaya aura presence services 6.1 |
||
avaya aura presence services 6.1.1 |
||
avaya aura presence services 6.0 |
||
avaya iq 5.1 |
||
avaya iq 5.0 |
||
avaya aura voice portal 5.0 |
||
avaya aura voice portal 5.1 |