Executive Summary
| Informations | |||
|---|---|---|---|
| Name | CVE-2010-2226 | First vendor Publication | 2010-09-03 |
| Vendor | Cve | Last vendor Modification | 2024-11-21 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:L/AC:L/Au:N/C:P/I:N/A:N) | |||
|---|---|---|---|
| Cvss Base Score | 2.1 | Attack Range | Local |
| Cvss Impact Score | 2.9 | Attack Complexity | Low |
| Cvss Expoit Score | 3.9 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| The xfs_swapext function in fs/xfs/xfs_dfrag.c in the Linux kernel before 2.6.35 does not properly check the file descriptors passed to the SWAPEXT ioctl, which allows local users to leverage write access and obtain read access by swapping one file into another file. |
Original Source
| Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2226 |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 100 % | CWE-200 | Information Exposure |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:20508 | |||
| Oval ID: | oval:org.mitre.oval:def:20508 | ||
| Title: | Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX | ||
| Description: | The xfs_swapext function in fs/xfs/xfs_dfrag.c in the Linux kernel before 2.6.35 does not properly check the file descriptors passed to the SWAPEXT ioctl, which allows local users to leverage write access and obtain read access by swapping one file into another file. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-2226 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
CPE : Common Platform Enumeration
OpenVAS Exploits
| Date | Description |
|---|---|
| 2012-03-16 | Name : VMSA-2011-0003.2 Third party component updates for VMware vCenter Server, vCe... File : nvt/gb_VMSA-2011-0003.nasl |
| 2011-08-09 | Name : CentOS Update for kernel CESA-2010:0610 centos5 i386 File : nvt/gb_CESA-2010_0610_kernel_centos5_i386.nasl |
| 2011-03-07 | Name : Ubuntu Update for linux-lts-backport-maverick vulnerabilities USN-1083-1 File : nvt/gb_ubuntu_USN_1083_1.nasl |
| 2010-10-22 | Name : Ubuntu Update for Linux kernel vulnerabilities USN-1000-1 File : nvt/gb_ubuntu_USN_1000_1.nasl |
| 2010-10-19 | Name : Mandriva Update for kernel MDVSA-2010:198 (kernel) File : nvt/gb_mandriva_MDVSA_2010_198.nasl |
| 2010-10-10 | Name : Debian Security Advisory DSA 2094-1 (linux-2.6) File : nvt/deb_2094_1.nasl |
| 2010-10-01 | Name : SuSE Update for kernel SUSE-SA:2010:046 File : nvt/gb_suse_2010_046.nasl |
| 2010-09-27 | Name : Mandriva Update for kernel MDVSA-2010:188 (kernel) File : nvt/gb_mandriva_MDVSA_2010_188.nasl |
| 2010-08-30 | Name : Fedora Update for kernel FEDORA-2010-13110 File : nvt/gb_fedora_2010_13110_kernel_fc12.nasl |
| 2010-08-13 | Name : RedHat Update for kernel RHSA-2010:0610-01 File : nvt/gb_RHSA-2010_0610-01_kernel.nasl |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 65631 | Linux Kernel fs/xfs/xfs_dfrag.c xfs_swapext() Function Crafted IOCTL Local Ac... |
Information Assurance Vulnerability Management (IAVM)
| Date | Description |
|---|---|
| 2011-05-12 | IAVM : 2011-A-0066 - Multiple Vulnerabilities in VMware Products Severity : Category I - VMSKEY : V0027158 |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2016-03-04 | Name : The remote VMware ESX / ESXi host is missing a security-related patch. File : vmware_VMSA-2011-0003_remote.nasl - Type : ACT_GATHER_INFO |
| 2014-11-26 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2013-0039.nasl - Type : ACT_GATHER_INFO |
| 2014-11-17 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0622.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0610.nasl - Type : ACT_GATHER_INFO |
| 2013-03-09 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1083-1.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20100810_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2012-05-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7261.nasl - Type : ACT_GATHER_INFO |
| 2011-02-14 | Name : The remote VMware ESXi / ESX host is missing one or more security-related pat... File : vmware_VMSA-2011-0003.nasl - Type : ACT_GATHER_INFO |
| 2010-12-14 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7257.nasl - Type : ACT_GATHER_INFO |
| 2010-10-20 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1000-1.nasl - Type : ACT_GATHER_INFO |
| 2010-10-08 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-198.nasl - Type : ACT_GATHER_INFO |
| 2010-09-24 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_kernel-100921.nasl - Type : ACT_GATHER_INFO |
| 2010-09-24 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-188.nasl - Type : ACT_GATHER_INFO |
| 2010-09-23 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12646.nasl - Type : ACT_GATHER_INFO |
| 2010-08-24 | Name : The remote Fedora host is missing a security update. File : fedora_2010-13110.nasl - Type : ACT_GATHER_INFO |
| 2010-08-23 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2094.nasl - Type : ACT_GATHER_INFO |
| 2010-08-12 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0610.nasl - Type : ACT_GATHER_INFO |
| 2010-08-12 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0610.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
| Date | Informations |
|---|---|
| 2024-11-28 23:07:41 |
|
| 2024-11-28 12:22:10 |
|
| 2024-08-02 12:13:53 |
|
| 2024-08-02 01:03:45 |
|
| 2024-02-02 01:13:28 |
|
| 2024-02-01 12:03:41 |
|
| 2023-09-05 12:12:32 |
|
| 2023-09-05 01:03:32 |
|
| 2023-09-02 12:12:35 |
|
| 2023-09-02 01:03:34 |
|
| 2023-08-12 12:14:57 |
|
| 2023-08-12 01:03:34 |
|
| 2023-08-11 12:12:38 |
|
| 2023-08-11 01:03:42 |
|
| 2023-08-06 12:12:10 |
|
| 2023-08-06 01:03:36 |
|
| 2023-08-04 12:12:15 |
|
| 2023-08-04 01:03:37 |
|
| 2023-07-14 12:12:11 |
|
| 2023-07-14 01:03:35 |
|
| 2023-03-29 01:13:58 |
|
| 2023-03-28 12:03:41 |
|
| 2023-02-13 09:29:08 |
|
| 2022-10-11 12:10:52 |
|
| 2022-10-11 01:03:22 |
|
| 2022-03-11 01:09:04 |
|
| 2021-05-04 12:11:55 |
|
| 2021-04-22 01:12:44 |
|
| 2020-08-11 09:22:41 |
|
| 2020-08-08 00:22:44 |
|
| 2020-08-07 09:22:43 |
|
| 2020-08-06 21:23:00 |
|
| 2020-08-01 12:05:15 |
|
| 2020-07-30 01:05:24 |
|
| 2020-05-23 01:42:12 |
|
| 2020-05-23 00:25:57 |
|
| 2019-01-25 12:03:12 |
|
| 2018-11-17 12:01:42 |
|
| 2018-10-30 12:03:25 |
|
| 2018-10-11 00:19:52 |
|
| 2016-07-01 11:06:51 |
|
| 2016-06-29 00:13:25 |
|
| 2016-06-28 18:13:49 |
|
| 2016-04-26 19:52:59 |
|
| 2016-03-05 13:26:42 |
|
| 2014-11-27 13:27:44 |
|
| 2014-11-18 13:25:39 |
|
| 2014-02-17 10:55:57 |
|
| 2013-11-11 12:38:48 |
|
| 2013-05-10 23:26:58 |
|
