CVE-2010-1636

The btrfs_ioctl_clone function in fs/btrfs/ioctl.c in the btrfs functionality in the Linux kernel 2.6.29 through 2.6.32, and possibly other versions, does not ensure that a cloned file descriptor has been opened for reading, which allows local users to read sensitive information from a write-only file descriptor.

Published: Jun 8, 2010
Updated: Apr 13, 2023
CVE: CVE-2010-1636
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 2.1
AV:L/AC:L/Au:N/C:P/I:N/A:N

CWEs:

CWE-200

Affected Software
References

Software	From	Fixed in
linux / linux_kernel	2.6.31	2.6.31.x
linux / linux_kernel	2.6.29.3	2.6.29.3.x
linux / linux_kernel	2.6.31.9	2.6.31.9.x
linux / linux_kernel	2.6.31.3	2.6.31.3.x
linux / linux_kernel	2.6.30.10	2.6.30.10.x
linux / linux_kernel	2.6.31.12	2.6.31.12.x
linux / linux_kernel	2.6.29	2.6.29.x
linux / linux_kernel	2.6.31.4	2.6.31.4.x
linux / linux_kernel	2.6.32	2.6.32.x
linux / linux_kernel	2.6.31.6	2.6.31.6.x
linux / linux_kernel	2.6.31.10	2.6.31.10.x
linux / linux_kernel	2.6.31.1	2.6.31.1.x
linux / linux_kernel	2.6.30.7	2.6.30.7.x
linux / linux_kernel	2.6.29.4	2.6.29.4.x
linux / linux_kernel	2.6.31.7	2.6.31.7.x
linux / linux_kernel	2.6.30.8	2.6.30.8.x
linux / linux_kernel	2.6.30.9	2.6.30.9.x
linux / linux_kernel	2.6.29.1	2.6.29.1.x
linux / linux_kernel	2.6.30.4	2.6.30.4.x
linux / linux_kernel	2.6.29.6	2.6.29.6.x
linux / linux_kernel	2.6.30.2	2.6.30.2.x
linux / linux_kernel	2.6.30.6	2.6.30.6.x
linux / linux_kernel	2.6.30.1	2.6.30.1.x
linux / linux_kernel	2.6.31.5	2.6.31.5.x
linux / linux_kernel	2.6.31.11	2.6.31.11.x
linux / linux_kernel	2.6.29.2	2.6.29.2.x
linux / linux_kernel	2.6.31.13	2.6.31.13.x
linux / linux_kernel	2.6.31.8	2.6.31.8.x
linux / linux_kernel	2.6.31.2	2.6.31.2.x
linux / linux_kernel	2.6.30.5	2.6.30.5.x
linux / linux_kernel	2.6.30	2.6.30.x
linux / linux_kernel	2.6.30.3	2.6.30.3.x
linux / linux_kernel	2.6.29.5	2.6.29.5.x

Vulnerability Database

289,871

CVE-2010-1636