Note:
This project will be discontinued after December 13, 2021. [more]
2020-08-19
In the Linux kernel before 5.7.8, fs/nfsd/vfs.c (in the NFS server) can set incorrect permissions on new filesystem objects when the filesystem lacks ACL support, aka CID-22cf8419f131. This occurs because the current umask is not considered.
Products | Ubuntu_linux, Linux_kernel, Leap, Sd\-Wan_edge, Starwind_virtual_san |
Type | Incorrect Permission Assignment for Critical Resource (CWE-732) |
First patch | - None (likely due to unavailable code) |
Patches | https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=22cf8419f1319ff87ec759d0ebdff4cbafaee832 |
Links |
• https://usn.ubuntu.com/4483-1/
• https://usn.ubuntu.com/4485-1/ • https://usn.ubuntu.com/4465-1/ • https://www.starwindsoftware.com/security/sw-20210325-0004/ • https://www.oracle.com/security-alerts/cpuApr2021.html |