CVE-2010-1636
Severity CVSS v4.0:
Pending analysis
Type:
CWE-200
Information Leak / Disclosure
Publication date:
08/06/2010
Last modified:
11/04/2025
Description
The btrfs_ioctl_clone function in fs/btrfs/ioctl.c in the btrfs functionality in the Linux kernel 2.6.29 through 2.6.32, and possibly other versions, does not ensure that a cloned file descriptor has been opened for reading, which allows local users to read sensitive information from a write-only file descriptor.
Impact
Base Score 2.0
2.10
Severity 2.0
LOW
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:o:linux:linux_kernel:2.6.29:*:*:*:*:*:*:* | ||
cpe:2.3:o:linux:linux_kernel:2.6.29.1:*:*:*:*:*:*:* | ||
cpe:2.3:o:linux:linux_kernel:2.6.29.2:*:*:*:*:*:*:* | ||
cpe:2.3:o:linux:linux_kernel:2.6.29.3:*:*:*:*:*:*:* | ||
cpe:2.3:o:linux:linux_kernel:2.6.29.4:*:*:*:*:*:*:* | ||
cpe:2.3:o:linux:linux_kernel:2.6.29.5:*:*:*:*:*:*:* | ||
cpe:2.3:o:linux:linux_kernel:2.6.29.6:*:*:*:*:*:*:* | ||
cpe:2.3:o:linux:linux_kernel:2.6.30:*:*:*:*:*:*:* | ||
cpe:2.3:o:linux:linux_kernel:2.6.30.1:*:*:*:*:*:*:* | ||
cpe:2.3:o:linux:linux_kernel:2.6.30.2:*:*:*:*:*:*:* | ||
cpe:2.3:o:linux:linux_kernel:2.6.30.3:*:*:*:*:*:*:* | ||
cpe:2.3:o:linux:linux_kernel:2.6.30.4:*:*:*:*:*:*:* | ||
cpe:2.3:o:linux:linux_kernel:2.6.30.5:*:*:*:*:*:*:* | ||
cpe:2.3:o:linux:linux_kernel:2.6.30.6:*:*:*:*:*:*:* | ||
cpe:2.3:o:linux:linux_kernel:2.6.30.7:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba%3Dcommitdiff%3Bh%3D5dc6416414fb3ec6e2825fd4d20c8bf1d7fe0395
- http://www.openwall.com/lists/oss-security/2010/05/18/10
- http://www.openwall.com/lists/oss-security/2010/05/18/2
- http://www.openwall.com/lists/oss-security/2010/05/25/8
- https://bugs.launchpad.net/ubuntu/+source/linux/+bug/579585
- https://bugzilla.redhat.com/show_bug.cgi?id=593226
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba%3Dcommitdiff%3Bh%3D5dc6416414fb3ec6e2825fd4d20c8bf1d7fe0395
- http://www.openwall.com/lists/oss-security/2010/05/18/10
- http://www.openwall.com/lists/oss-security/2010/05/18/2
- http://www.openwall.com/lists/oss-security/2010/05/25/8
- https://bugs.launchpad.net/ubuntu/+source/linux/+bug/579585
- https://bugzilla.redhat.com/show_bug.cgi?id=593226