Unrated severityNVD Advisory· Published Dec 31, 2005· Updated Apr 16, 2026

CVE-2005-3623

Description

nfs2acl.c in the Linux kernel 2.6.14.4 does not check for MAY_SATTR privilege before setting access controls (ACL) on files on exported NFS filesystems, which allows remote attackers to bypass ACLs for readonly mounted NFS filesystems.

Affected products

Linux/Kernel
cpe:2.3:o:linux:linux_kernel:2.6.14.4:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

lists.suse.de/archive/suse-security-announce/2006-Feb/0010.htmlnvdBroken LinkPatch
lkml.org/lkml/2005/12/23/171nvdMailing ListPatch
secunia.com/advisories/18788nvdBroken LinkPatchVendor Advisory
secunia.com/advisories/19038nvdBroken LinkPatchVendor Advisory
secunia.com/advisories/21465nvdBroken LinkVendor Advisory
secunia.com/advisories/22417nvdBroken LinkVendor Advisory
support.avaya.com/elmodocs2/security/ASA-2006-200.htmnvdThird Party Advisory
www.novell.com/linux/security/advisories/2006_06_kernel.htmlnvdBroken LinkVendor Advisory
www.securityfocus.com/bid/16570nvdBroken LinkThird Party AdvisoryVDB Entry
www.redhat.com/support/errata/RHSA-2006-0575.htmlnvdBroken Link
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11707nvdBroken Link

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000