JFFS2 ACL security issue in OLPC project – the first one?
Let the CVE describe the vulnerability:
JFFS2, as used on One Laptop Per Child (OLPC) build 542 and possibly other Linux systems, when POSIX ACL support is enabled, does not properly store permissions during (1) inode creation or (2) ACL setting, which might allow local users to access restricted files or directories after a remount of a filesystem…
The only references available are:
It appears that the CVSS score assigned last week is 4.4., i.e. Medium.
OVPC – One Vulnerability Per Child or do we have any others?
Hey, this is post #1000 and there are 925 posts in the archive.