CVE-2008-2931

2008-07-09T00:00:00
ID UB:CVE-2008-2931
Type ubuntucve
Reporter ubuntu.com
Modified 2008-07-09T00:00:00

Description

The do_change_type function in fs/namespace.c in the Linux kernel before 2.6.22 does not verify that the caller has the CAP_SYS_ADMIN capability, which allows local users to gain privileges or cause a denial of service by modifying the properties of a mountpoint.

Bugs

  • <https://bugs.launchpad.net/bugs/253787>