CVE-2010-2943 : The xfs implementation in the Linux kernel before 2.6.35 does not look up inode allocation btrees before reading inode b

The xfs implementation in the Linux kernel before 2.6.35 does not look up inode allocation btrees before reading inode buffers, which allows remote authenticated users to read unlinked files, or read or overwrite disk blocks that are currently assigned to an active file but were previously assigned to an unlinked file, by accessing a stale NFS filehandle.

Published 2010-09-30 15:00:02

Updated 2023-02-13 04:21:20

Source Red Hat, Inc.

View at NVD, CVE.org

Vulnerability category: Information leak

Threat overview for CVE-2010-2943

Top countries where our scanners detected CVE-2010-2943

Top open port discovered on systems with this issue 49152

IPs affected by CVE-2010-2943 2,374

Threat actors abusing to this issue? Yes

Find out if you^* are affected by CVE-2010-2943!

^*Directly or indirectly through your vendors, service providers and 3rd parties. Powered by attack surface intelligence from SecurityScorecard.

Exploit prediction scoring system (EPSS) score for CVE-2010-2943

Probability of exploitation activity in the next 30 days: 2.03%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 88 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2010-2943

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
6.4	MEDIUM	AV:N/AC:L/Au:N/C:P/I:P/A:N	10.0	4.9	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: None
8.1	HIGH	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N	2.8	5.2	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: None

CWE ids for CVE-2010-2943

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2010-2943

http://support.avaya.com/css/P8/documents/100113326

ASA-2010-291 (RHSA-2010-0723)
Third Party Advisory

CVEs referencing this url
http://www.openwall.com/lists/oss-security/2010/08/18/2

oss-security - CVE request - kernel: xfs: stale data exposure
Mailing List;Patch;Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=624923

624923 – (CVE-2010-2943) CVE-2010-2943 kernel: xfs: validate inode numbers in file handles correctly
Issue Tracking;Patch;Third Party Advisory
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=7124fe0a5b619d65b739477b3b55a20bf805b06d
http://www.securityfocus.com/archive/1/520102/100/0/threaded

SecurityFocus
Third Party Advisory;VDB Entry

CVEs referencing this url
http://www.vmware.com/security/advisories/VMSA-2011-0012.html

VMSA-2011-0012.3
Third Party Advisory

CVEs referencing this url
http://www.ubuntu.com/usn/USN-1057-1

USN-1057-1: Linux kernel vulnerabilities | Ubuntu security notices
Third Party Advisory

CVEs referencing this url
http://www.ubuntu.com/usn/USN-1041-1

USN-1041-1: Linux kernel vulnerabilities | Ubuntu security notices
Third Party Advisory

CVEs referencing this url
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1920779e67cbf5ea8afef317777c5bf2b8096188
http://www.openwall.com/lists/oss-security/2010/08/19/5

oss-security - Re: CVE request - kernel: xfs: stale data exposure
Mailing List;Patch;Third Party Advisory
http://www.securityfocus.com/bid/42527

XFS Deleted Inode Local Information Disclosure Vulnerability
Exploit;Third Party Advisory;VDB Entry
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=7b6259e7a83647948fa33a736cc832310c8d85aa

Products affected by CVE-2010-2943