CVE-2010-1636

Severity CVSS v4.0:
Pending analysis
Type:
CWE-200 Information Leak / Disclosure
Publication date:
08/06/2010
Last modified:
11/04/2025

Description

The btrfs_ioctl_clone function in fs/btrfs/ioctl.c in the btrfs functionality in the Linux kernel 2.6.29 through 2.6.32, and possibly other versions, does not ensure that a cloned file descriptor has been opened for reading, which allows local users to read sensitive information from a write-only file descriptor.

Vulnerable products and versions

CPE From Up to
cpe:2.3:o:linux:linux_kernel:2.6.29:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.29.1:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.29.2:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.29.3:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.29.4:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.29.5:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.29.6:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.30:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.30.1:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.30.2:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.30.3:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.30.4:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.30.5:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.30.6:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.30.7:*:*:*:*:*:*:*