The btrfs_xattr_set_acl function in fs/btrfs/acl.c in btrfs in the Linux kernel 2.6.34 and earlier does not check file ownership before setting an ACL, which allows local users to bypass file permissions by setting arbitrary ACLs, as demonstrated using setfacl.
                
References

| Link | Resource |
|---|---|
| http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=2f26afba | |
| http://lkml.org/lkml/2010/5/17/544 | Exploit Patch Third Party Advisory |
| http://www.openwall.com/lists/oss-security/2010/06/11/3 | Mailing List Third Party Advisory |
| http://www.openwall.com/lists/oss-security/2010/06/14/2 | Mailing List Third Party Advisory |
History
No history.
Information
Published : 2010-06-16 20:30
Updated : 2025-04-11 00:51
NVD link : CVE-2010-2071
Mitre link : CVE-2010-2071
CVE.ORG link : CVE-2010-2071
Products Affected
linux
- linux_kernel
CWE
CWE-264
Permissions, Privileges, and Access Controls
