CVE-2008-4554

Priority
Low
Description
The do_splice_from function in fs/splice.c in the Linux kernel before
2.6.27 does not reject file descriptors that have the O_APPEND flag set,
which allows local users to bypass append mode and make arbitrary changes
to other locations in the file.
Ubuntu-Description
Olaf Kirch and Miklos Szeredi discovered that the Linux kernel did not
correctly reject the "append" flag when handling file splice requests. A
local attacker could bypass append mode and make changes to arbitrary
locations in a file. This issue only affected Ubuntu 7.10 and 8.04.
References
Package
Upstream:not-affected (code not present)
Ubuntu 8.04 LTS (Hardy Heron):DNE
Package
Upstream:needed
Ubuntu 8.04 LTS (Hardy Heron):DNE
Package
Source: linux (LP Ubuntu Debian)
Upstream:released (2.6.27)
Ubuntu 8.04 LTS (Hardy Heron):released (2.6.24-22.45)
Patches:
Upstream:http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.26.y.git;a=commitdiff;h=efc968d450e013049a662d22727cf132618dcb2f
More Information

Valid XHTML 1.0 Strict

Updated: 2012-06-01 15:19:08 UTC (commit 5347)