7.6 High
AI Score
Confidence
High
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.001 Low
EPSS
Percentile
25.9%
Eric W. Biederman discovered a flaw with the mediation of mount flags in
the Linux kernel’s user namespace subsystem. An unprivileged user could
exploit this flaw to by-pass mount restrictions, and potentially gain
administrative privileges. (CVE-2014-5207)
Kenton Varda discovered a flaw with read-only bind mounds when used with
user namespaces. An unprivileged local user could exploit this flaw to gain
full write privileges to a mount that should be read only. (CVE-2014-5206)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 14.04 | noarch | linux-image-3.13.0-34-generic | < 3.13.0-34.60 | UNKNOWN |
Ubuntu | 14.04 | noarch | block-modules-3.13.0-34-generic-di | < 3.13.0-34.60 | UNKNOWN |
Ubuntu | 14.04 | noarch | crypto-modules-3.13.0-34-generic-di | < 3.13.0-34.60 | UNKNOWN |
Ubuntu | 14.04 | noarch | fat-modules-3.13.0-34-generic-di | < 3.13.0-34.60 | UNKNOWN |
Ubuntu | 14.04 | noarch | fb-modules-3.13.0-34-generic-di | < 3.13.0-34.60 | UNKNOWN |
Ubuntu | 14.04 | noarch | firewire-core-modules-3.13.0-34-generic-di | < 3.13.0-34.60 | UNKNOWN |
Ubuntu | 14.04 | noarch | floppy-modules-3.13.0-34-generic-di | < 3.13.0-34.60 | UNKNOWN |
Ubuntu | 14.04 | noarch | fs-core-modules-3.13.0-34-generic-di | < 3.13.0-34.60 | UNKNOWN |
Ubuntu | 14.04 | noarch | fs-secondary-modules-3.13.0-34-generic-di | < 3.13.0-34.60 | UNKNOWN |
Ubuntu | 14.04 | noarch | input-modules-3.13.0-34-generic-di | < 3.13.0-34.60 | UNKNOWN |