Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 325595 (CVE-2010-1636)

Summary: Kernel: btrfs_ioctl_clone() information leak (CVE-2010-1636)
Product: Gentoo Security Reporter: Stefan Behte (RETIRED) <craig>
Component: KernelAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: normal CC: hardened, kernel
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=5dc6416414fb3ec6e2825fd4d20c8bf1d7fe0395
Whiteboard: [ linux >= 2.6.29 <= 2.6.32 ]
Package list:
Runtime testing required: ---

Description Stefan Behte (RETIRED) gentoo-dev Security 2010-06-25 20:50:41 UTC 
CVE-2010-1636 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1636):
  The btrfs_ioctl_clone function in fs/btrfs/ioctl.c in the btrfs
  functionality in the Linux kernel 2.6.29 through 2.6.32, and possibly
  other versions, does not ensure that a cloned file descriptor has
  been opened for reading, which allows local users to read sensitive
  information from a write-only file descriptor.