The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Vulnerability of Linux kernel: ACL change on btrfs

Synthesis of the vulnerability 

On a btrfs filesystem, a local attacker can change ACLs of a file belonging to another user.
Impacted systems: Fedora, Linux, openSUSE.
Severity of this alert: 1/4.
Creation date: 14/06/2010.
References of this alert: BID-41467, CVE-2010-2071, FEDORA-2010-10876, FEDORA-2010-10880, openSUSE-SU-2010:0664-1, SUSE-SA:2010:046, VIGILANCE-VUL-9707.

Description of the vulnerability 

The btrfs filesystem is supported since Linux kernel version 2.6.29.

The setfacl command is used to define ACLs on a file. The btrfs_xattr_set_acl() function in the fs/btrfs/acl.c file handles this operation (the setxattr call with an ACL attribute) on btrfs. However, this function does not check whether the caller owns the file.

On a btrfs filesystem, a local attacker can therefore change ACLs of a file belonging to another user.
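The missing ownership check, modelled in user space as an added example (constructed illustration code, not the kernel's fs/btrfs/acl.c): the two struct layouts, CAP_FOWNER_BIT and the integer standing in for the ACL are assumptions that replace the kernel's inode, cred and ACL objects, and the two handlers show the behaviour before and after the fix.

```c
#include <errno.h>
#include <stdbool.h>
#include <stdio.h>
#include <sys/types.h>

/* Constructed user-space model of btrfs_xattr_set_acl(); not kernel code. */
#define CAP_FOWNER_BIT 0x1u   /* stand-in for the CAP_FOWNER capability */

struct inode {                /* only the fields the check needs */
    uid_t i_uid;              /* file owner */
    int   acl_mode;           /* stand-in for the stored ACL */
};

struct cred {                 /* the calling process's credentials */
    uid_t    fsuid;
    unsigned caps;
};

/* Same test as the kernel's is_owner_or_cap(): owner, or CAP_FOWNER. */
static bool is_owner_or_cap(const struct cred *c, const struct inode *ino)
{
    return c->fsuid == ino->i_uid || (c->caps & CAP_FOWNER_BIT) != 0;
}

/* Before the fix: the ACL is stored for any caller. */
int set_acl_vulnerable(const struct cred *c, struct inode *ino, int new_mode)
{
    (void)c;                  /* the caller's identity is never consulted */
    ino->acl_mode = new_mode;
    return 0;
}

/* After the fix: refuse unless the caller owns the file or holds CAP_FOWNER,
 * the check that other filesystems' ACL handlers already performed. */
int set_acl_fixed(const struct cred *c, struct inode *ino, int new_mode)
{
    if (!is_owner_or_cap(c, ino))
        return -EPERM;
    ino->acl_mode = new_mode;
    return 0;
}

int main(void)
{
    struct inode victim = { .i_uid = 1000, .acl_mode = 0 };  /* constructed */
    struct cred  other  = { .fsuid = 1001, .caps = 0 };      /* another user */
    printf("vulnerable handler: %d\n", set_acl_vulnerable(&other, &victim, 7));
    printf("fixed handler:      %d\n", set_acl_fixed(&other, &victim, 7));
    return 0;
}
```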

This computer threat bulletin impacts software or systems such as Fedora, Linux, openSUSE.

Our Vigil@nce team determined that the severity of this security threat is low.

The trust level is: confirmed by the vendor. The attack origin is: a local user account.

A proof of concept or an attack tool is available, so your teams have to process this alert. An attacker with technician-level skill can exploit this vulnerability.

Solutions for this threat 

Linux kernel: version 2.6.34.1.
Version 2.6.34.1 is fixed:
  http://www.kernel.org/pub/linux/kernel/v2.6/

Linux kernel: version 2.6.33.6.
Version 2.6.33.6 is fixed:
  http://www.kernel.org/pub/linux/kernel/v2.6/

Linux kernel: version 2.6.32.16.
Version 2.6.32.16 is fixed:
  http://www.kernel.org/pub/linux/kernel/v2.6/

Linux kernel: patch for btrfs ACL.
A patch is available from the information sources listed in the references.

Fedora 12: new kernel packages.
New packages are available:
  kernel-2.6.32.16-141.fc12

Fedora 13: new kernel packages.
New packages are available:
  kernel-2.6.33.6-147.fc13

openSUSE 11.2: new kernel packages.
New packages are available:
  kernel-*-2.6.31.14-0.1.1