CVE-2015-4178

2016-05-02T10:59:00
ID CVE-2015-4178
Type cve
Reporter cve@mitre.org
Modified 2016-05-06T20:17:00

Description

The fs_pin implementation in the Linux kernel before 4.0.5 does not ensure the internal consistency of a certain list data structure, which allows local users to cause a denial of service (system crash) by leveraging user-namespace root access for an MNT_DETACH umount2 system call, related to fs/fs_pin.c and include/linux/fs_pin.h. <a href="http://cwe.mitre.org/data/definitions/476.html">CWE-476: NULL Pointer Dereference</a>