Red Hat Bugzilla – Bug 601006
CVE-2010-2066 kernel: ext4: Make sure the MOVE_EXT ioctl can't overwrite append-only files
Last modified: 2015-08-31 23:55:32 EDT
Description of problem:
If the donor file is an append-only file, we should not allow the operation to proceed, lest we end up overwriting the contents of an append-only file.
Red Hat would like to thank Dan Rosenberg for reporting this issue.
This issue did not affect the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 3, 4 and Red Hat Enterprise MRG as they did not include support for the Ext4 filesystem. A future kernel update in Red Hat Enterprise Linux 5 will address this issue.
Also see http://www.gossamer-threads.com/lists/linux/kernel/1235423, but the regression doesn't look related.
(In reply to comment #4)
> Also see http://www.gossamer-threads.com/lists/linux/kernel/1235423, but the
> regression doesn't look related.
Right, that ended up being a mis-reported issue. The patch at hand is not implicated in the user's problems. See http://www.gossamer-threads.com/lists/linux/kernel/1235623#1235623
Fixed in 18.104.22.168 and 22.214.171.124 by:
Not yet fixed in 2.6.32-stable.
kernel-126.96.36.199-150.fc12 has been pushed to the Fedora 12 stable repository. If problems still persist, please make note of it in this bug report.
This issue has been addressed in the following products:
Red Hat Enterprise Linux 5
Via RHSA-2010:0610 https://rhn.redhat.com/errata/RHSA-2010-0610.html