Main Vulnerability Database Exploits ID:10359 - Exploit for Security restrictions bypass in Linux kernel - CVE-2010-1146

ID:10359 - Exploit for Security restrictions bypass in Linux kernel - CVE-2010-1146

Published: August 10, 2024

Vulnerability identifier: #VU95727

Vulnerability risk: Low

CVE-ID: CVE-2010-1146

CWE-ID: CWE-264

Exploitation vector: Local access

Vulnerable software:
Linux kernel

Link to public exploit:

https://www.exploit-db.com/exploits/12130/

Vulnerability description

The vulnerability allows a local user to execute arbitrary code.

The Linux kernel 2.6.33.2 and earlier, when a ReiserFS filesystem exists, does not restrict read or write access to the .reiserfs_priv directory, which allows local users to gain privileges by modifying (1) extended attributes or (2) ACLs, as demonstrated by deleting a file under .reiserfs_priv/xattrs/.

Remediation

Install update from vendor's repository.

ID:10359 - Exploit for Security restrictions bypass in Linux kernel - CVE-2010-1146

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human