CVE-2010-2066 (retired)

Priority
Description
The mext_check_arguments function in fs/ext4/move_extent.c in the Linux
kernel before 2.6.35 allows local users to overwrite an append-only file
via a MOVE_EXT ioctl call that specifies this file as a donor.
Ubuntu-Description
Dan Rosenberg discovered that the MOVE_EXT ext4 ioctl did not correctly
check file permissions. A local attacker could overwrite append-only files,
leading to potential data loss.
Assigned-to
bradf
Package
Upstream:needs-triage
Package
Upstream:needs-triage
Package
Upstream:needs-triage
Package
Upstream:needs-triage
More Information

Updated: 2019-03-26 11:51:50 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)