Linux kernel built with the Btrfs Filesystem support(CONFIG_BTRFS_FS) is
vulnerable to a race condition which leaves the extended attribute(xattr)
empty for a short time window. This could be leveraged to bypass set ACLs
and potentially escalate user privileges.
An unprivileged user could use this flaw to potentially escalate privileges on
This issue does not affect the versions of the kernel package as shipped with
Red Hat Enterprise Linux 5 and Red Hat Enterprise MRG 2.
This issue affects the version of Linux kernel as shipped with Red Hat Enterprise Linux 6 and 7. Future kernel updates for Red Hat Enterprise Linux 7 may address this issue.
Given the Moderate impact and the fact that BRTFS file system is no longer Technology preview in Red Hat Enterprise Linux 6 this issue is not currently planned to be addressed in future releases of Red Hat Enterprise Linux 6.
Created kernel tracking bugs for this issue:
Affects: fedora-all [bug 1205088]
This issue was discovered by Alexandre Oliva of Red Hat Inc.