CVE-2010-2943

HIGH

Linux kernel <2.6.35 - Info Disclosure

Title source: llm

Description

The xfs implementation in the Linux kernel before 2.6.35 does not look up inode allocation btrees before reading inode buffers, which allows remote authenticated users to read unlinked files, or read or overwrite disk blocks that are currently assigned to an active file but were previously assigned to an unlinked file, by accessing a stale NFS filehandle.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Red Hat · clocallinux

https://www.exploit-db.com/exploits/15155

View Code ZIP pw:eip

References (25)

[Broken Link] http://article.gmane.org/gmane.comp.file-systems.xfs.general/33767

[Broken Link] http://article.gmane.org/gmane.comp.file-systems.xfs.general/33768

[Broken Link] http://article.gmane.org/gmane.comp.file-systems.xfs.general/33769

[Broken Link] http://article.gmane.org/gmane.comp.file-systems.xfs.general/33771

[Patch] http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1920779e67cbf5ea8afef317777c5bf2b8096188

[Patch] http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=7124fe0a5b619d65b739477b3b55a20bf805b06d

[Patch] http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=7b6259e7a83647948fa33a736cc832310c8d85aa

[Broken Link] http://oss.sgi.com/archives/xfs/2010-06/msg00191.html

[Broken Link] http://oss.sgi.com/archives/xfs/2010-06/msg00198.html

[Broken Link] http://secunia.com/advisories/42758

[Broken Link] http://secunia.com/advisories/43161

[Broken Link] http://secunia.com/advisories/46397

[Third Party Advisory] http://support.avaya.com/css/P8/documents/100113326

[Broken Link] http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.35

[Mailing List, Patch, Third Party Advisory] http://www.openwall.com/lists/oss-security/2010/08/18/2

[Mailing List, Patch, Third Party Advisory] http://www.openwall.com/lists/oss-security/2010/08/19/5

[Broken Link] http://www.redhat.com/support/errata/RHSA-2010-0723.html

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/520102/100/0/threaded

[Exploit, Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/42527

[Third Party Advisory] http://www.ubuntu.com/usn/USN-1041-1

... and 5 more

Scores

CVSS v3 8.1

EPSS 0.0382

EPSS Percentile 88.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

Details

CWE

CWE-200

Status published

Products (24)

avaya/aura_communication_manager 5.2

avaya/aura_presence_services 6.0

avaya/aura_presence_services 6.1

avaya/aura_presence_services 6.1.1

avaya/aura_session_manager 1.1

avaya/aura_session_manager 5.2

avaya/aura_session_manager 6.0

avaya/aura_system_manager 5.2

avaya/aura_system_manager 6.0

avaya/aura_system_manager 6.1

... and 14 more

Published Sep 30, 2010

Tracked Since Feb 18, 2026