3.7 Low
CVSS2
Access Vector
LOCAL
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:H/Au:N/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
25.2%
kernel/user_namespace.c in the Linux kernel before 3.8.9 does not have
appropriate capability requirements for the uid_map and gid_map files,
which allows local users to gain privileges by opening a file within an
unprivileged process and then modifying the file within a privileged
process.
Author | Note |
---|---|
jj | break commit 771b1371686e0a63e938ada28de020b9a0040f55 is the commit where user namespaces where enabled, and may not be the actual commit that causes the specific breakage, but they where not available to cause the CVE before this commit. |