383 matches found
CVE-2014-4014
The capabilities implementation in the Linux kernel before 3.14.8 does not properly consider that namespaces are inapplicable to inodes, which allows local users to bypass intended chmod restrictions by first creating a user namespace, as demonstrated by setting the setgid bit on a file with grou...
CVE-2014-4014
The capabilities implementation in the Linux kernel before 3.14.8 does not properly consider that namespaces are inapplicable to inodes, which allows local users to bypass intended chmod restrictions by first creating a user namespace, as demonstrated by setting the setgid bit on a file with grou...
Design/Logic Flaw
The capabilities implementation in the Linux kernel before 3.14.8 does not properly consider that namespaces are inapplicable to inodes, which allows local users to bypass intended chmod restrictions by first creating a user namespace, as demonstrated by setting the setgid bit on a file with grou...
CVE-2014-4014
The CVE-2014-4014 issue is a Linux kernel local privilege escalation affecting versions before 3.14.8. The root cause is that namespaces are inapplicable to inodes, allowing a local user who creates a user namespace to bypass chmod restrictions by setting the setgid bit on a file with root group ...
CVE-2014-4014
The capabilities implementation in the Linux kernel before 3.14.8 does not properly consider that namespaces are inapplicable to inodes, which allows local users to bypass intended chmod restrictions by first creating a user namespace, as demonstrated by setting the setgid bit on a file with grou...
[oss-security] CVE-2014-4014: Linux kernel user namespace bug
The internal function inodecapable was used inappropriately. Depending on configuration, this may be usable to escalate privileges. A cursory inspection of my Fedora box suggests that it is not vulnerable to the obvious way to exploit this bug. The fix should appear in Linus' -master shortly, and...
[USN-1974-1] Linux kernel vulnerabilities
========================================================================== Ubuntu Security Notice USN-1974-1 September 27, 2013 linux vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
Ubuntu 12.04 LTS : linux-lts-raring vulnerabilities (USN-1971-1)
Vince Weaver discovered a flaw in the perf subsystem of the Linux kernel on ARM platforms. A local user could exploit this flaw to gain privileges or cause a denial of service system crash. CVE-2013-4254 A memory leak was discovered in the user namespace facility of the Linux kernel. A local user...
Ubuntu 13.04 : linux vulnerabilities (USN-1974-1)
Vince Weaver discovered a flaw in the perf subsystem of the Linux kernel on ARM platforms. A local user could exploit this flaw to gain privileges or cause a denial of service system crash. CVE-2013-4254 A memory leak was discovered in the user namespace facility of the Linux kernel. A local user...
USN-1974-1: Linux kernel vulnerabilities
Vince Weaver discovered a flaw in the perf subsystem of the Linux kernel on ARM platforms. A local user could exploit this flaw to gain privileges or cause a denial of service system crash. CVE-2013-4254 A memory leak was discovered in the user namespace facility of the Linux kernel. A local user...
USN-1971-1: Linux kernel (Raring HWE) vulnerabilities
Vince Weaver discovered a flaw in the perf subsystem of the Linux kernel on ARM platforms. A local user could exploit this flaw to gain privileges or cause a denial of service system crash. CVE-2013-4254 A memory leak was discovered in the user namespace facility of the Linux kernel. A local user...
DEBIAN-CVE-2013-4205
Memory leak in the unshareuserns function in kernel/usernamespace.c in the Linux kernel before 3.10.6 allows local users to cause a denial of service memory consumption via an invalid CLONENEWUSER unshare call...
UBUNTU-CVE-2013-4205
Memory leak in the unshareuserns function in kernel/usernamespace.c in the Linux kernel before 3.10.6 allows local users to cause a denial of service memory consumption via an invalid CLONENEWUSER unshare call...
Linux Kernel 3.8.x - open-time Capability file_ns_capable() Local Privilege Escalation
Linux Kernel 3.8.x - open-time Capability filenscapable Local Privilege Escalation / usernsrootsploit.c by / / Copyright c 2013 Andrew Lutomirski. All rights reserved. / / You may use, modify, and redistribute this code under the GPLv2. / define GNUSOURCE include include include include include...
Linux Kernel < 3.8.x - open-time Capability 'file_ns_capable()' Local Privilege Escalation
/ usernsrootsploit.c by / / Copyright c 2013 Andrew Lutomirski. All rights reserved. / / You may use, modify, and redistribute this code under the GPLv2. / define GNUSOURCE include include include include include include include include include include include include include ifndef CLONENEWUSER...
DEBIAN-CVE-2013-1959
kernel/usernamespace.c in the Linux kernel before 3.8.9 does not have appropriate capability requirements for the uidmap and gidmap files, which allows local users to gain privileges by opening a file within an unprivileged process and then modifying the file within a privileged process...
Design/Logic Flaw
kernel/usernamespace.c in the Linux kernel before 3.8.9 does not have appropriate capability requirements for the uidmap and gidmap files, which allows local users to gain privileges by opening a file within an unprivileged process and then modifying the file within a privileged process...
CVE-2013-1959
kernel/usernamespace.c in the Linux kernel before 3.8.9 does not have appropriate capability requirements for the uidmap and gidmap files, which allows local users to gain privileges by opening a file within an unprivileged process and then modifying the file within a privileged process...
UBUNTU-CVE-2013-1959
kernel/usernamespace.c in the Linux kernel before 3.8.9 does not have appropriate capability requirements for the uidmap and gidmap files, which allows local users to gain privileges by opening a file within an unprivileged process and then modifying the file within a privileged process...
DEBIAN-CVE-2013-1958
The scmcheckcreds function in net/core/scm.c in the Linux kernel before 3.8.6 does not properly enforce capability requirements for controlling the PID value associated with a UNIX domain socket, which allows local users to bypass intended access restrictions by leveraging the time interval durin...