Vulnerabilities

CVE-2009-1630

by Fred · 14/05/2009

The nfs_permission function in fs/nfs/dir.c in the NFS client implementation in the Linux kernel 2.6.29.3 and earlier, when atomic_open is available, does not check execute (aka EXEC or MAY_EXEC) permission bits, which allows local users to bypass permissions and execute files, as demonstrated by files on an NFSv4 fileserver.

Date published : 2009-05-14

http://www.securityfocus.com/bid/34934

http://www.securityfocus.com/archive/1/505254/100/0/threaded

Similar

Tags: Cybersecurity Alert