NVD Vulnerability Detail

CVE-2010-2943

Summary	The xfs implementation in the Linux kernel before 2.6.35 does not look up inode allocation btrees before reading inode buffers, which allows remote authenticated users to read unlinked files, or read or overwrite disk blocks that are currently assigned to an active file but were previously assigned to an unlinked file, by accessing a stale NFS filehandle.
Publication Date	Oct. 1, 2010, midnight
Registration Date	Jan. 29, 2021, 11:04 a.m.
Last Update	Nov. 21, 2024, 10:17 a.m.

CVSS3.1 : HIGH
スコア	8.1
Vector	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
攻撃元区分(AV)	ネットワーク
攻撃条件の複雑さ(AC)	低
攻撃に必要な特権レベル(PR)	低
利用者の関与(UI)	不要
影響の想定範囲(S)	変更なし
機密性への影響(C)	高
完全性への影響(I)	高
可用性への影響(A)	なし

CVSS2.0 : MEDIUM
Score	6.4
Vector	AV:N/AC:L/Au:N/C:P/I:P/A:N
攻撃元区分(AV)	ネットワーク
攻撃条件の複雑さ(AC)	低
攻撃前の認証要否(Au)	不要
機密性への影響(C)	低
完全性への影響(I)	低
可用性への影響(A)	なし
Get all privileges.	いいえ
Get user privileges	いいえ
Get other privileges	いいえ
User operation required	いいえ

Affected software configurations

Configuration1		or higher	or less	more than	less than
cpe:2.3:o:linux:linux_kernel::::::::					2.6.35

Configuration2	or higher	or less	more than	less than
cpe:2.3:o:canonical:ubuntu_linux:10.10:::::::*
cpe:2.3:o:canonical:ubuntu_linux:9.10:::::::*
cpe:2.3:o:canonical:ubuntu_linux:10.04::::-:::
cpe:2.3:o:canonical:ubuntu_linux:6.06::::-:::

Configuration3	or higher	or less	more than	less than
cpe:2.3:o:vmware:esx:4.1:::::::*
cpe:2.3:o:vmware:esx:4.0:::::::*

Configuration4	or higher	or less	more than	less than
cpe:2.3:a:avaya:aura_system_manager:6.0:::::::*
cpe:2.3:a:avaya:aura_system_manager:5.2:::::::*
cpe:2.3:a:avaya:aura_communication_manager:5.2:::::::*
cpe:2.3:a:avaya:aura_system_platform:1.1:::::::*
cpe:2.3:a:avaya:aura_system_platform:6.0:-::::::
cpe:2.3:a:avaya:aura_system_platform:6.0:sp1::::::
cpe:2.3:a:avaya:aura_system_manager:6.1:::::::*
cpe:2.3:a:avaya:aura_system_manager:6.1.1:::::::*
cpe:2.3:a:avaya:aura_session_manager:1.1:::::::*
cpe:2.3:a:avaya:aura_session_manager:5.2:::::::*
cpe:2.3:a:avaya:aura_session_manager:6.0:::::::*
cpe:2.3:a:avaya:aura_presence_services:6.1:::::::*
cpe:2.3:a:avaya:aura_presence_services:6.1.1:::::::*
cpe:2.3:a:avaya:aura_presence_services:6.0:::::::*
cpe:2.3:a:avaya:iq:5.1:::::::*
cpe:2.3:a:avaya:iq:5.0:::::::*
cpe:2.3:a:avaya:aura_voice_portal:5.0:::::::*
cpe:2.3:a:avaya:aura_voice_portal:5.1:-::::::
cpe:2.3:a:avaya:aura_voice_portal:5.1:sp1::::::

Related information, measures and tools

No	URL	タグ
1	http://article.gmane.org/gmane.comp.file-systems.xfs.general/33767	Broken Link
2	http://article.gmane.org/gmane.comp.file-systems.xfs.general/33767	Broken Link
3	http://article.gmane.org/gmane.comp.file-systems.xfs.general/33768	Broken Link
4	http://article.gmane.org/gmane.comp.file-systems.xfs.general/33768	Broken Link
5	http://article.gmane.org/gmane.comp.file-systems.xfs.general/33769	Broken Link
6	http://article.gmane.org/gmane.comp.file-systems.xfs.general/33769	Broken Link
7	http://article.gmane.org/gmane.comp.file-systems.xfs.general/33771	Broken Link
8	http://article.gmane.org/gmane.comp.file-systems.xfs.general/33771	Broken Link
9	http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1920779e67cbf5ea8afef317777c5bf2b8096188
10	http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1920779e67cbf5ea8afef317777c5bf2b8096188
11	http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=7124fe0a5b619d65b739477b3b55a20bf805b06d
12	http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=7124fe0a5b619d65b739477b3b55a20bf805b06d
13	http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=7b6259e7a83647948fa33a736cc832310c8d85aa
14	http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=7b6259e7a83647948fa33a736cc832310c8d85aa
15	http://oss.sgi.com/archives/xfs/2010-06/msg00191.html	Broken Link
16	http://oss.sgi.com/archives/xfs/2010-06/msg00191.html	Broken Link
17	http://oss.sgi.com/archives/xfs/2010-06/msg00198.html	Broken Link
18	http://oss.sgi.com/archives/xfs/2010-06/msg00198.html	Broken Link
19	http://secunia.com/advisories/42758	Broken Link
20	http://secunia.com/advisories/42758	Broken Link
21	http://secunia.com/advisories/43161	Broken Link
22	http://secunia.com/advisories/43161	Broken Link
23	http://secunia.com/advisories/46397	Broken Link
24	http://secunia.com/advisories/46397	Broken Link
25	http://support.avaya.com/css/P8/documents/100113326	Third Party Advisory
26	http://support.avaya.com/css/P8/documents/100113326	Third Party Advisory
27	http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.35	Broken Link
28	http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.35	Broken Link
29	http://www.openwall.com/lists/oss-security/2010/08/18/2	Mailing List Patch Third Party Advisory
30	http://www.openwall.com/lists/oss-security/2010/08/18/2	Mailing List Patch Third Party Advisory
31	http://www.openwall.com/lists/oss-security/2010/08/19/5	Mailing List Patch Third Party Advisory
32	http://www.openwall.com/lists/oss-security/2010/08/19/5	Mailing List Patch Third Party Advisory
33	http://www.redhat.com/support/errata/RHSA-2010-0723.html	Broken Link
34	http://www.redhat.com/support/errata/RHSA-2010-0723.html	Broken Link
35	http://www.securityfocus.com/archive/1/520102/100/0/threaded	Third Party Advisory VDB Entry
36	http://www.securityfocus.com/archive/1/520102/100/0/threaded	Third Party Advisory VDB Entry
37	http://www.securityfocus.com/bid/42527	Exploit Third Party Advisory VDB Entry
38	http://www.securityfocus.com/bid/42527	Exploit Third Party Advisory VDB Entry
39	http://www.ubuntu.com/usn/USN-1041-1	Third Party Advisory
40	http://www.ubuntu.com/usn/USN-1041-1	Third Party Advisory
41	http://www.ubuntu.com/usn/USN-1057-1	Third Party Advisory
42	http://www.ubuntu.com/usn/USN-1057-1	Third Party Advisory
43	http://www.vmware.com/security/advisories/VMSA-2011-0012.html	Third Party Advisory
44	http://www.vmware.com/security/advisories/VMSA-2011-0012.html	Third Party Advisory
45	http://www.vupen.com/english/advisories/2011/0070	Broken Link
46	http://www.vupen.com/english/advisories/2011/0070	Broken Link
47	http://www.vupen.com/english/advisories/2011/0280	Broken Link
48	http://www.vupen.com/english/advisories/2011/0280	Broken Link
49	https://bugzilla.redhat.com/show_bug.cgi?id=624923	Issue Tracking Patch Third Party Advisory
50	https://bugzilla.redhat.com/show_bug.cgi?id=624923	Issue Tracking Patch Third Party Advisory

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-200	情報漏えい	https://cwe.mitre.org/data/definitions/200.html

JVN Vulnerability Information

Linux kernel の xfs 実装におけるリンクが無効に設定されているファイルを読まれる脆弱性

Title	Linux kernel の xfs 実装におけるリンクが無効に設定されているファイルを読まれる脆弱性
Summary	Linux kernel の xfs 実装は、inode バッファを読み込む前に、inode が配置された brees を検索しないため、リンクが無効に設定されているファイルやディスクブロックを有効なファイルとして読まれる、または上書きされる脆弱性が存在します。
Possible impacts	リモート認証されたユーザにより、リンクが無効に設定されているファイルやディスクブロックを有効なファイルとして読まれる、または上書きされる可能性があります。
Solution	ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。
Publication Date	Sept. 20, 2010, midnight
Registration Date	Oct. 15, 2010, 1:25 p.m.
Last Update	Dec. 26, 2012, 11:58 a.m.

Affected System

レッドハット

Red Hat Enterprise Linux 5 (server)

Red Hat Enterprise Linux Desktop 5.0 (client)

サイバートラスト株式会社

Asianux Server 3 (x86)

Asianux Server 3 (x86-64)

VMware

VMware ESX 3.0.3

VMware ESX 3.5

VMware ESX 4.0

VMware ESX 4.1

Linux

Linux Kernel 2.6.35.5 未満

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2010-2943	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2943
National Vulnerability Database (NVD)
2	CVE-2010-2943	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2943

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-200	https://jvndb.jvn.jp/ja/cwe/CWE-200.html

ベンダー情報

No	Name	URL
Asianux Technical Support Network
1	kernel-2.6.18-194.7.AXS3	https://tsn.miraclelinux.com/tsn_local/index.php?m=errata&a=detail&eid=1284
Linux Kernel
2	ChangeLog-2.6.35.5	http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.35.5
Red Hat Security Advisory
3	RHSA-2010:0723	https://rhn.redhat.com/errata/RHSA-2010-0723.html
VMware Security Advisories
4	VMSA-2011-0012	http://www.vmware.com/jp/support/support-resources/advisories/VMSA-2011-0012.html

その他

No	Name	URL
SecurityFocus
1	42527	http://www.securityfocus.com/bid/42527

Change Log

No	Changed Details	Date of change
0	[2010年10月15日] 掲載 [2010年11月09日] 影響を受けるシステム：ミラクル・リナックス (kernel-2.6.18-194.7.AXS3) の情報を追加ベンダ情報：ミラクル・リナックス (kernel-2.6.18-194.7.AXS3) を追加 [2012年12月26日] 影響を受けるシステム：VMware (VMSA-2011-0012) の情報を追加ベンダ情報：VMware (VMSA-2011-0012) を追加	Feb. 17, 2018, 10:37 a.m.

Configuration4	or higher	or less	more than	less than
cpe:2.3:a:avaya:aura_system_manager:6.0:::::::*
cpe:2.3:a:avaya:aura_system_manager:5.2:::::::*
cpe:2.3:a:avaya:aura_communication_manager:5.2:::::::*
cpe:2.3:a:avaya:aura_system_platform:1.1:::::::*
cpe:2.3:a:avaya:aura_system_platform:6.0:-::::::
cpe:2.3:a:avaya:aura_system_platform:6.0:sp1::::::
cpe:2.3:a:avaya:aura_system_manager:6.1:::::::*
cpe:2.3:a:avaya:aura_system_manager:6.1.1:::::::*
cpe:2.3:a:avaya:aura_session_manager:1.1:::::::*
cpe:2.3:a:avaya:aura_session_manager:5.2:::::::*
cpe:2.3:a:avaya:aura_session_manager:6.0:::::::*
cpe:2.3:a:avaya:aura_presence_services:6.1:::::::*
cpe:2.3:a:avaya:aura_presence_services:6.1.1:::::::*
cpe:2.3:a:avaya:aura_presence_services:6.0:::::::*
cpe:2.3:a:avaya:iq:5.1:::::::*
cpe:2.3:a:avaya:iq:5.0:::::::*
cpe:2.3:a:avaya:aura_voice_portal:5.0:::::::*
cpe:2.3:a:avaya:aura_voice_portal:5.1:-::::::
cpe:2.3:a:avaya:aura_voice_portal:5.1:sp1::::::