Linux Kernel NFS ACL Access Control Bypass Vulnerability

Linux Kernel NFS ACL Access Control Bypass Vulnerability

The Linux kernel's NFS implementation is prone to a remote access-control-bypass vulnerability. The software fails to validate the privileges of remote users before setting ACLs.

This issue allows remote attackers to improperly alter ACLs on NFS filesystems, allowing them to bypass access controls. Disclosure of sensitive information, modification of arbitrary files, and other attacks are possible.

Kernel versions prior to 2.6.14.5 in the 2.6 kernel series are vulnerable to this issue.