Linux Kernel LSM ReadV/WriteV Security Restriction Bypass Vulnerability

The Linux kernel is susceptible to a security-restriction-bypass vulnerability. This issue is due to the kernel's failure to properly enforce Linux Security Module security checks.

This issue allows local attackers to bypass security restrictions, allowing them to read and write to files they do not have permissions to access. This may aid them in further attacks.

This issue occurs during read and write calls that occur after files have been opened. During the open process, proper security checks are enforced. This means that this issue is exploitable only when access to files is revoked after they have already been opened by an attacker.

Linux kernel versions prior to 2.6.16.12 are vulnerable to this issue.


 

Privacy Statement
Copyright 2010, SecurityFocus