Upstream information
Description
The utimensat system call (sys_utimensat) in Linux kernel 2.6.22 and other versions before 2.6.25.3 does not check file permissions when certain UTIME_NOW and UTIME_OMIT combinations are used, which allows local users to modify file times of arbitrary files, possibly leading to a denial of service.SUSE information
Overall state of this security issue: Resolved
This issue is currently rated as having moderate severity.
| CVSS detail | National Vulnerability Database |
|---|---|
| Base Score | 3.6 |
| Vector | AV:L/AC:L/Au:N/C:N/I:P/A:P |
| Access Vector | Local |
| Access Complexity | Low |
| Authentication | None |
| Confidentiality Impact | None |
| Integrity Impact | Partial |
| Availability Impact | Partial |
SUSE Security Advisories:
- SUSE-SA:2008:030, published Fri, 20 Jun 2008 14:00:00 +0000
SUSE Timeline for this CVE
CVE page created: Fri Jun 28 04:06:29 2013CVE page last modified: Mon Oct 6 18:15:18 2025