blob: 928c8ebd964148e33b8ac28c80518a1198868e7e (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
|
Candidate: CVE-2005-3623
References:
http://permalink.gmane.org/gmane.linux.kernel/360868
Description:
We must check for MAY_SATTR before setting acls, which includes
checking for read-only exports: the lower-level setxattr operation
that eventually sets the acl cannot check export-level restrictions.
Notes:
jmm> NFS ACLs were only introduced somewhere between 2.6.12-2.6.14, so
jmm> Sarge and Woody are not vulnerable
Bugs:
upstream: released (2.6.14.5), released (2.6.15-pre7)
linux-2.6: released (2.6.14-7)
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
2.4.19-woody-security: N/A
2.4.18-woody-security: N/A
2.4.17-woody-security: N/A
2.4.16-woody-security: N/A
2.4.17-woody-security-hppa: N/A
2.4.17-woody-security-ia64: N/A
|
