376 matches found
DEBIAN-CVE-2014-5207
fs/namespace.c in the Linux kernel through 3.16.1 does not properly restrict clearing MNTNODEV, MNTNOSUID, and MNTNOEXEC and changing MNTATIMEMASK during a remount of a bind mount, which allows local users to gain privileges, interfere with backups and auditing on systems that had atime enabled, ...
CVE-2014-5206
The doremount function in fs/namespace.c in the Linux kernel through 3.16.1 does not maintain the MNTLOCKREADONLY bit across a remount of a bind mount, which allows local users to bypass an intended read-only restriction and defeat certain sandbox protection mechanisms via a "mount -o remount"...
Design/Logic Flaw
The doremount function in fs/namespace.c in the Linux kernel through 3.16.1 does not maintain the MNTLOCKREADONLY bit across a remount of a bind mount, which allows local users to bypass an intended read-only restriction and defeat certain sandbox protection mechanisms via a "mount -o remount"...
CVE-2014-5207
fs/namespace.c in the Linux kernel through 3.16.1 does not properly restrict clearing MNTNODEV, MNTNOSUID, and MNTNOEXEC and changing MNTATIMEMASK during a remount of a bind mount, which allows local users to gain privileges, interfere with backups and auditing on systems that had atime enabled, ...
CVE-2014-5206
The doremount function in fs/namespace.c in the Linux kernel through 3.16.1 does not maintain the MNTLOCKREADONLY bit across a remount of a bind mount, which allows local users to bypass an intended read-only restriction and defeat certain sandbox protection mechanisms via a "mount -o remount"...
CVE-2014-5206
CVE-2014-5206 : In Linux kernel versions up to 3.16.1, the do_remount function in fs/namespace.c fails to preserve the MNT_LOCK_READONLY flag across remounts of bind mounts. This allows a local user to bypass the intended read-only restriction by using a mount -o remount within a user namespace, ...
USN-2317-1: Linux kernel (Trusty HWE) vulnerabilities
Eric W. Biederman discovered a flaw with the mediation of mount flags in the Linux kernel's user namespace subsystem. An unprivileged user could exploit this flaw to by-pass mount restrictions, and potentially gain administrative privileges. CVE-2014-5207 Kenton Varda discovered a flaw with...
Ubuntu 12.04 LTS : linux-lts-trusty vulnerabilities (USN-2317-1)
Eric W. Biederman discovered a flaw with the mediation of mount flags in the Linux kernel's user namespace subsystem. An unprivileged user could exploit this flaw to by-pass mount restrictions, and potentially gain administrative privileges. CVE-2014-5207 Kenton Varda discovered a flaw with...
CVE-2014-5206
The doremount function in fs/namespace.c in the Linux kernel through 3.16.1 does not maintain the MNTLOCKREADONLY bit across a remount of a bind mount, which allows local users to bypass an intended read-only restriction and defeat certain sandbox protection mechanisms via a "mount -o remount"...
CVE-2014-5207
fs/namespace.c in the Linux kernel through 3.16.1 does not properly restrict clearing MNTNODEV, MNTNOSUID, and MNTNOEXEC and changing MNTATIMEMASK during a remount of a bind mount, which allows local users to gain privileges, interfere with backups and auditing on systems that had atime enabled, ...
UBUNTU-CVE-2014-5206
The doremount function in fs/namespace.c in the Linux kernel through 3.16.1 does not maintain the MNTLOCKREADONLY bit across a remount of a bind mount, which allows local users to bypass an intended read-only restriction and defeat certain sandbox protection mechanisms via a "mount -o remount"...
UBUNTU-CVE-2014-5207
fs/namespace.c in the Linux kernel through 3.16.1 does not properly restrict clearing MNTNODEV, MNTNOSUID, and MNTNOEXEC and changing MNTATIMEMASK during a remount of a bind mount, which allows local users to gain privileges, interfere with backups and auditing on systems that had atime enabled, ...
Linux Kernel 3.8.x - open-time Capability file_ns_capable() Privilege Escalation
No description provided by source. / usernsrootsploit.c by / / Copyright c 2013 Andrew Lutomirski. All rights reserved. / / You may use, modify, and redistribute this code under the GPLv2. / define GNUSOURCE include unistd.h include sched.h include sys/types.h include sys/wait.h include sys/mman....
CVE-2014-4014
The capabilities implementation in the Linux kernel before 3.14.8 does not properly consider that namespaces are inapplicable to inodes, which allows local users to bypass intended chmod restrictions by first creating a user namespace, as demonstrated by setting the setgid bit on a file with grou...
CVE-2014-4014
The capabilities implementation in the Linux kernel before 3.14.8 does not properly consider that namespaces are inapplicable to inodes, which allows local users to bypass intended chmod restrictions by first creating a user namespace, as demonstrated by setting the setgid bit on a file with grou...
Design/Logic Flaw
The capabilities implementation in the Linux kernel before 3.14.8 does not properly consider that namespaces are inapplicable to inodes, which allows local users to bypass intended chmod restrictions by first creating a user namespace, as demonstrated by setting the setgid bit on a file with grou...
CVE-2014-4014
The CVE-2014-4014 issue is a Linux kernel local privilege escalation affecting versions before 3.14.8. The root cause is that namespaces are inapplicable to inodes, allowing a local user who creates a user namespace to bypass chmod restrictions by setting the setgid bit on a file with root group ...
CVE-2014-4014
The capabilities implementation in the Linux kernel before 3.14.8 does not properly consider that namespaces are inapplicable to inodes, which allows local users to bypass intended chmod restrictions by first creating a user namespace, as demonstrated by setting the setgid bit on a file with grou...
[oss-security] CVE-2014-4014: Linux kernel user namespace bug
The internal function inodecapable was used inappropriately. Depending on configuration, this may be usable to escalate privileges. A cursory inspection of my Fedora box suggests that it is not vulnerable to the obvious way to exploit this bug. The fix should appear in Linus' -master shortly, and...
[USN-1974-1] Linux kernel vulnerabilities
========================================================================== Ubuntu Security Notice USN-1974-1 September 27, 2013 linux vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...