CVE-2007-4849 (retired)

Priority
Description
JFFS2, as used on One Laptop Per Child (OLPC) build 542 and possibly other
Linux systems, when POSIX ACL support is enabled, does not properly store
permissions during (1) inode creation or (2) ACL setting, which might allow
local users to access restricted files or directories after a remount of a
filesystem, related to "legacy modes" and an inconsistency between dentry
permissions and inode permissions.
Notes
 jdstrand> fix in DSA 1378-1 and 1378-2
Assigned-to
kees
Package
Source: linux (LP Ubuntu Debian)
Upstream:released (2.6.24)
Ubuntu 19.10 (Eoan):not-affected (2.6.24-4.7)
Package
Upstream:needs-triage
Package
Upstream:needs-triage
Package
Upstream:needs-triage
Package
Upstream:needs-triage
More Information

Updated: 2019-08-23 08:22:56 UTC (commit 436fd4ed4cf0038ddd382cb8649607ace163dda7)