High severity8.1NVD Advisory· Published Sep 30, 2010· Updated Apr 29, 2026
CVE-2010-2943
CVE-2010-2943
Description
The xfs implementation in the Linux kernel before 2.6.35 does not look up inode allocation btrees before reading inode buffers, which allows remote authenticated users to read unlinked files, or read or overwrite disk blocks that are currently assigned to an active file but were previously assigned to an unlinked file, by accessing a stale NFS filehandle.
Affected products
26- cpe:2.3:a:avaya:aura_communication_manager:5.2:*:*:*:*:*:*:*
cpe:2.3:a:avaya:aura_presence_services:6.0:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:avaya:aura_presence_services:6.0:*:*:*:*:*:*:*
- cpe:2.3:a:avaya:aura_presence_services:6.1:*:*:*:*:*:*:*
- cpe:2.3:a:avaya:aura_presence_services:6.1.1:*:*:*:*:*:*:*
cpe:2.3:a:avaya:aura_session_manager:1.1:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:avaya:aura_session_manager:1.1:*:*:*:*:*:*:*
- cpe:2.3:a:avaya:aura_session_manager:5.2:*:*:*:*:*:*:*
- cpe:2.3:a:avaya:aura_session_manager:6.0:*:*:*:*:*:*:*
cpe:2.3:a:avaya:aura_system_manager:5.2:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:avaya:aura_system_manager:5.2:*:*:*:*:*:*:*
- cpe:2.3:a:avaya:aura_system_manager:6.0:*:*:*:*:*:*:*
- cpe:2.3:a:avaya:aura_system_manager:6.1:*:*:*:*:*:*:*
- cpe:2.3:a:avaya:aura_system_manager:6.1.1:*:*:*:*:*:*:*
cpe:2.3:a:avaya:aura_system_platform:1.1:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:avaya:aura_system_platform:1.1:*:*:*:*:*:*:*
- cpe:2.3:a:avaya:aura_system_platform:6.0:-:*:*:*:*:*:*
- cpe:2.3:a:avaya:aura_system_platform:6.0:sp1:*:*:*:*:*:*
cpe:2.3:a:avaya:aura_voice_portal:5.0:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:avaya:aura_voice_portal:5.0:*:*:*:*:*:*:*
- cpe:2.3:a:avaya:aura_voice_portal:5.1:-:*:*:*:*:*:*
- cpe:2.3:a:avaya:aura_voice_portal:5.1:sp1:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*+ 3 more
- cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:-:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
22- www.openwall.com/lists/oss-security/2010/08/18/2nvdMailing ListPatchThird Party Advisory
- www.openwall.com/lists/oss-security/2010/08/19/5nvdMailing ListPatchThird Party Advisory
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingPatchThird Party Advisory
- www.securityfocus.com/bid/42527nvdExploitThird Party AdvisoryVDB Entry
- support.avaya.com/css/P8/documents/100113326nvdThird Party Advisory
- www.securityfocus.com/archive/1/520102/100/0/threadednvdThird Party AdvisoryVDB Entry
- www.ubuntu.com/usn/USN-1041-1nvdThird Party Advisory
- www.ubuntu.com/usn/USN-1057-1nvdThird Party Advisory
- www.vmware.com/security/advisories/VMSA-2011-0012.htmlnvdThird Party Advisory
- article.gmane.org/gmane.comp.file-systems.xfs.general/33767nvdBroken Link
- article.gmane.org/gmane.comp.file-systems.xfs.general/33768nvdBroken Link
- article.gmane.org/gmane.comp.file-systems.xfs.general/33769nvdBroken Link
- article.gmane.org/gmane.comp.file-systems.xfs.general/33771nvdBroken Link
- oss.sgi.com/archives/xfs/2010-06/msg00191.htmlnvdBroken Link
- oss.sgi.com/archives/xfs/2010-06/msg00198.htmlnvdBroken Link
- secunia.com/advisories/42758nvdBroken Link
- secunia.com/advisories/43161nvdBroken Link
- secunia.com/advisories/46397nvdBroken Link
- www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.35nvdBroken Link
- www.redhat.com/support/errata/RHSA-2010-0723.htmlnvdBroken Link
- www.vupen.com/english/advisories/2011/0070nvdBroken Link
- www.vupen.com/english/advisories/2011/0280nvdBroken Link
News mentions
0No linked articles in our index yet.