Unrated severityNVD Advisory· Published Sep 3, 2010· Updated Apr 29, 2026

CVE-2010-2226

Description

The xfs_swapext function in fs/xfs/xfs_dfrag.c in the Linux kernel before 2.6.35 does not properly check the file descriptors passed to the SWAPEXT ioctl, which allows local users to leverage write access and obtain read access by swapping one file into another file.

Affected products

Canonical/Ubuntu Linux6 versions
cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*+ 5 more
- cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*
Debian/Debian Linux
cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*
Linux/Kernel
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Range: <2.6.35
SUSE S.A./Linux Enterprise Desktop
cpe:2.3:o:suse:linux_enterprise_desktop:10:sp3:*:*:*:*:*:*
SUSE S.A./Linux Enterprise Server
cpe:2.3:o:suse:linux_enterprise_server:10:sp3:*:*:*:*:*:*
SUSE S.A./Linux Enterprise Software Development Kit
cpe:2.3:o:suse:linux_enterprise_software_development_kit:10:sp3:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

lists.opensuse.org/opensuse-security-announce/2010-12/msg00004.htmlnvdMailing ListThird Party Advisory
lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.htmlnvdMailing ListThird Party Advisory
marc.infonvdThird Party Advisory
marc.infonvdThird Party Advisory
secunia.com/advisories/43315nvdThird Party Advisory
www.debian.org/security/2010/dsa-2094nvdThird Party Advisory
www.mandriva.com/security/advisoriesnvdThird Party Advisory
www.redhat.com/support/errata/RHSA-2010-0610.htmlnvdThird Party Advisory
www.securityfocus.com/archive/1/516397/100/0/threadednvdThird Party AdvisoryVDB Entry
www.securityfocus.com/bid/40920nvdThird Party AdvisoryVDB Entry
www.ubuntu.com/usn/USN-1000-1nvdThird Party Advisory
www.vmware.com/security/advisories/VMSA-2011-0003.htmlnvdThird Party Advisory
www.vupen.com/english/advisories/2011/0298nvdThird Party Advisory
bugzilla.redhat.com/show_bug.cginvdIssue TrackingThird Party Advisory
archives.free.net.ph/message/20100616.130710.301704aa.en.htmlnvdBroken Link
archives.free.net.ph/message/20100616.135735.40f53a32.en.htmlnvdBroken Link
www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.35nvdBroken Link

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000