vulnerability note CVE-2010-1636

Linux kernel: copy of btrfs files

Synthesis of the vulnerability

On a btrfs filesystem, a local attacker can copy a file which is not readable.

Severity: 1/4. Creation date: 18/05/2010.

Description of the vulnerability

The btrfs filesystem is supported since Linux kernel version 2.6.29. The btrfs_ioctl_clone() function of the fs/btrfs/ioctl.c file is used to clone/copy a file. However, this function does not check if the source file can be read. On a btrfs filesystem, a local attacker can therefore copy a file which is not readable.

Complete Vigil@nce bulletin

Access to the complete Vigil@nce bulletin

Characteristics

Title: Linux kernel: copy of btrfs files. Keywords: Linux btrfs btrfs_ioctl_clone copy files kernel. Identifiers: BID-40241, CVE-2010-1636, FEDORA-2010-9183, FEDORA-2010-9209, VIGILANCE-VUL-9649.

Information sources

Publications and announces Source example: Btrfs: check for read permission on src file in the clone ioctl

Solutions for this vulnerability

Patch or workaround

Computer vulnerabilities tracking service

The Vigil@nce computer vulnerability tracking service alerts your teams of vulnerabilities or threats impacting your information system.
The Vigil@nce vulnerability database contains several thousand vulnerabilities.
This bulletin is published by the Vigil@nce team, which tracks computer vulnerabilities impacting systems and applications.
Computer vulnerability database