CVE-2007-4849

NONECVSS 0.0

0.0

JFFS2, as used on One Laptop Per Child (OLPC) build 542 and possibly other Linux systems, when POSIX ACL support is enabled, does not properly store permissions during (1) inode creation or (2) ACL setting, which might allow local users to access restricted files or directories after a remount of a filesystem, related to "legacy modes" and an inconsistency between dentry permissions and inode permissions.

🔗 References (20)

cve@mitrehttp://dev.laptop.org/ticket/2732
cve@mitrehttp://git.infradead.org/?p=mtd-2.6.git%3Ba=commitdiff%3Bh=9ed437c50d89eabae763dd422579f73fdebf288d
cve@mitrehttp://lists.infradead.org/pipermail/linux-mtd-cvs/2007-August/005897.html
cve@mitrehttp://secunia.com/advisories/26978
cve@mitrehttp://secunia.com/advisories/28170
cve@mitrehttp://secunia.com/advisories/28706
cve@mitrehttp://www.debian.org/security/2007/dsa-1378
cve@mitrehttp://www.securityfocus.com/bid/25838
cve@mitrehttp://www.ubuntu.com/usn/usn-558-1
cve@mitrehttp://www.ubuntu.com/usn/usn-574-1
af854a3a-2127-422b-91ae-364da2661108http://dev.laptop.org/ticket/2732
af854a3a-2127-422b-91ae-364da2661108http://git.infradead.org/?p=mtd-2.6.git%3Ba=commitdiff%3Bh=9ed437c50d89eabae763dd422579f73fdebf288d
af854a3a-2127-422b-91ae-364da2661108http://lists.infradead.org/pipermail/linux-mtd-cvs/2007-August/005897.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/26978
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/28170

Is Your Infrastructure Affected by CVE-2007-4849?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2007-4849

📅 Published

🔄 Last Modified

🔗 References (20)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2007-4849?