CVE-2010-1146

CVE-2010-1146 · MEDIUM Severity

AV:L/AC:M/AU:N/C:C/I:C/A:C

The Linux kernel 2.6.33.2 and earlier, when a ReiserFS filesystem exists, does not restrict read or write access to the .reiserfs_priv directory, which allows local users to gain privileges by modifying (1) extended attributes or (2) ACLs, as demonstrated by deleting a file under .reiserfs_priv/xattrs/.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.