Linux kernel Btrfs Privilege Escalation Vulnerability (CVE-2014-9710)

Linux kernel Btrfs Privilege Escalation Vulnerability (CVE-2014-9710)
Linux kernel Btrfs Privilege Escalation Vulnerability (CVE-2014-9710)

Release date:
Updated on:

Affected Systems:

Linux kernel < 3.19

Description:

CVE (CAN) ID: CVE-2014-9710

Linux Kernel is the Kernel of the Linux operating system.

In the implementation of Btrfs in versions earlier than Linux kernel 3.19, It is not ensured that the visible xattr status is consistent with the request replacement. Local users operate through the standard file system, this vulnerability allows you to bypass the target ACL settings and obtain elevation permissions.

<* Source: Alexander Oliva
*>

Suggestion:

Vendor patch:

Linux
-----
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:

Https://bugzilla.redhat.com/show_bug.cgi? Id = 1205079
Https://github.com/torvalds/linux/commit/5f5bc6b1e2d5a6f827bc860ef2dc5b6f365d1339
Http://git.kernel.org /? P = linux/kernel/git/torvalds/linux-2.6.git; a = commit; h = 5f5bc6b1e2d5a6f827bc860ef2dc5b6f365d1339

How to install Kernel 4.0.2 on CentOS 7

How to install Linux Kernel 4.0 on CentOS 7

How to install Linux kernel 4.0 on Ubuntu/CentOS?

How to install Linux kernel 13.10 On Ubuntu 3.12

How to install the 3.16.7 CKT2 kernel in Ubuntu 14.10, Ubuntu 14.04, and its derivative versions

Linux Kernel: click here
Linux Kernel: click here

This article permanently updates the link address: