CVE-2015-4178

2016-05-02T00:00:00
ID UB:CVE-2015-4178
Type ubuntucve
Reporter ubuntu.com
Modified 2016-05-02T00:00:00

Description

The fs_pin implementation in the Linux kernel before 4.0.5 does not ensure the internal consistency of a certain list data structure, which allows local users to cause a denial of service (system crash) by leveraging user-namespace root access for an MNT_DETACH umount2 system call, related to fs/fs_pin.c and include/linux/fs_pin.h.

Bugs

  • <https://launchpad.net/bugs/1462255>

Notes

Author| Note
---|---
jdstrand | android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.10 and earlier preview kernels linux-lts-saucy no longer receives official support linux-lts-quantal no longer receives official support