Linux kernel (Trusty HWE) vulnerabilities

2014-08-1800:00:00

ubuntu.com

7.5 High

AI Score

Confidence

High

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

25.7%

JSON

Releases

Ubuntu 12.04

Packages

linux-lts-trusty - Linux hardware enablement kernel from Trusty

Details

Eric W. Biederman discovered a flaw with the mediation of mount flags in
the Linux kernel’s user namespace subsystem. An unprivileged user could
exploit this flaw to by-pass mount restrictions, and potentially gain
administrative privileges. (CVE-2014-5207)

Kenton Varda discovered a flaw with read-only bind mounds when used with
user namespaces. An unprivileged local user could exploit this flaw to gain
full write privileges to a mount that should be read only. (CVE-2014-5206)

OSVersionArchitecturePackageVersionFilename
Ubuntu12.04noarchlinux-image-3.13.0-34-generic-lpae< 3.13.0-34.60~precise1UNKNOWN
Ubuntu12.04noarchblock-modules-3.13.0-34-generic-di< 3.13.0-34.60~precise1UNKNOWN
Ubuntu12.04noarchcrypto-modules-3.13.0-34-generic-di< 3.13.0-34.60~precise1UNKNOWN
Ubuntu12.04noarchfat-modules-3.13.0-34-generic-di< 3.13.0-34.60~precise1UNKNOWN
Ubuntu12.04noarchfb-modules-3.13.0-34-generic-di< 3.13.0-34.60~precise1UNKNOWN
Ubuntu12.04noarchfirewire-core-modules-3.13.0-34-generic-di< 3.13.0-34.60~precise1UNKNOWN
Ubuntu12.04noarchfloppy-modules-3.13.0-34-generic-di< 3.13.0-34.60~precise1UNKNOWN
Ubuntu12.04noarchfs-core-modules-3.13.0-34-generic-di< 3.13.0-34.60~precise1UNKNOWN
Ubuntu12.04noarchfs-secondary-modules-3.13.0-34-generic-di< 3.13.0-34.60~precise1UNKNOWN
Ubuntu12.04noarchinput-modules-3.13.0-34-generic-di< 3.13.0-34.60~precise1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
Ubuntu	12.04	noarch	linux-image-3.13.0-34-generic-lpae	< 3.13.0-34.60~precise1	UNKNOWN
Ubuntu	12.04	noarch	block-modules-3.13.0-34-generic-di	< 3.13.0-34.60~precise1	UNKNOWN
Ubuntu	12.04	noarch	crypto-modules-3.13.0-34-generic-di	< 3.13.0-34.60~precise1	UNKNOWN
Ubuntu	12.04	noarch	fat-modules-3.13.0-34-generic-di	< 3.13.0-34.60~precise1	UNKNOWN
Ubuntu	12.04	noarch	fb-modules-3.13.0-34-generic-di	< 3.13.0-34.60~precise1	UNKNOWN
Ubuntu	12.04	noarch	firewire-core-modules-3.13.0-34-generic-di	< 3.13.0-34.60~precise1	UNKNOWN
Ubuntu	12.04	noarch	floppy-modules-3.13.0-34-generic-di	< 3.13.0-34.60~precise1	UNKNOWN
Ubuntu	12.04	noarch	fs-core-modules-3.13.0-34-generic-di	< 3.13.0-34.60~precise1	UNKNOWN
Ubuntu	12.04	noarch	fs-secondary-modules-3.13.0-34-generic-di	< 3.13.0-34.60~precise1	UNKNOWN
Ubuntu	12.04	noarch	input-modules-3.13.0-34-generic-di	< 3.13.0-34.60~precise1	UNKNOWN