Vigil@nce - Linux kernel: bypassing extended attributes on ReiserFS
April 2010 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/
SYNTHESIS OF THE VULNERABILITY
A local attacker can bypass extended attributes of files located
on a ReiserFS filesystem.
Severity: 2/4
Creation date: 09/04/2010
DESCRIPTION OF THE VULNERABILITY
Extended attributes are used to associate a value to a file, such
as its MIME type.
On a ReiserFS filesystem, extended attributes are stored in
"/.reiserfs_priv". However, all users can alter the content of
"/.reiserfs_priv", in order for example to suppress security
attributes.
A local attacker can therefore bypass extended attributes of files
located on a ReiserFS filesystem.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Linux-kernel-bypassing-extended-attributes-on-ReiserFS-9565