CVE-2010-2525
HIGHLinux Kernel - Incorrect Authorization in GFS2 ACL Handling
Title source: llmDescription
A flaw was discovered in gfs2 file system’s handling of acls (access control lists). An unprivileged local attacker could exploit this flaw to gain access or execute any file stored in the gfs2 file system.
References (2)
Core 2
Core References
Third Party Advisory x_refsource_misc
https://ubuntu.com/security/CVE-2010-2525
Mailing List, Patch, Vendor Advisory x_refsource_misc
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=2646a1f61a3b5525914757f10fa12b5b94713648
Scores
CVSS v3
7.8
EPSS
0.0029
EPSS Percentile
20.3%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-863
Status
published
Products (1)
linux/linux_kernel
2.6.33 rc1
Published
Jun 22, 2021
Tracked Since
Feb 18, 2026