CVE-2010-2066

MEDIUM

Linux kernel <2.6.35 - Local Privilege Escalation

Title source: llm

Description

The mext_check_arguments function in fs/ext4/move_extent.c in the Linux kernel before 2.6.35 allows local users to overwrite an append-only file via a MOVE_EXT ioctl call that specifies this file as a donor.

References (11)

Scores

CVSS v3 5.5
EPSS 0.0009
EPSS Percentile 26.4%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Classification

Status draft

Affected Products (12)

linux/linux_kernel < 2.6.35
vmware/esx
vmware/esx
canonical/ubuntu_linux
canonical/ubuntu_linux
canonical/ubuntu_linux
canonical/ubuntu_linux
canonical/ubuntu_linux
canonical/ubuntu_linux
suse/linux_enterprise_high_availability_extension
suse/suse_linux_enterprise_desktop
suse/suse_linux_enterprise_server

Timeline

Published Sep 08, 2010
Tracked Since Feb 18, 2026