Vulnerability Details : CVE-2014-9710
The Btrfs implementation in the Linux kernel before 3.19 does not ensure that the visible xattr state is consistent with a requested replacement, which allows local users to bypass intended ACL settings and gain privileges via standard filesystem operations (1) during an xattr-replacement time window, related to a race condition, or (2) after an xattr-replacement attempt that fails because the data does not fit.
Products affected by CVE-2014-9710
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2014-9710
0.04%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 6 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2014-9710
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
6.9
|
MEDIUM | AV:L/AC:M/Au:N/C:C/I:C/A:C |
3.4
|
10.0
|
NIST |
CWE ids for CVE-2014-9710
-
The product contains a code sequence that can run concurrently with other code, and the code sequence requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence that is operating concurrently.Assigned by: nvd@nist.gov (Primary)
References for CVE-2014-9710
-
https://bugzilla.redhat.com/show_bug.cgi?id=1205079
1205079 – (CVE-2014-9710) CVE-2014-9710 Kernel: fs: btrfs: non-atomic xattr replace operationIssue Tracking;Third Party Advisory
-
http://www.securitytracker.com/id/1032418
Linux Kernel Btrfs Bug Lets Local Users Gain Elevated Privileges - SecurityTrackerBroken Link;Third Party Advisory;VDB Entry
-
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=5f5bc6b1e2d5a6f827bc860ef2dc5b6f365d1339
Broken Link;Vendor Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00023.html
[security-announce] SUSE-SU-2015:1224-1: important: Security update forMailing List;Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00009.html
[security-announce] SUSE-SU-2015:1489-1: important: Live patch for the LMailing List;Third Party Advisory
-
http://www.openwall.com/lists/oss-security/2015/03/24/11
oss-security - CVE request Linux kernel: fs: btrfs: non-atomic xattr replace operationMailing List
-
https://github.com/torvalds/linux/commit/5f5bc6b1e2d5a6f827bc860ef2dc5b6f365d1339
Btrfs: make xattr replace operations atomic · torvalds/linux@5f5bc6b · GitHubPatch
Jump to