Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2014-9717

Опубликовано: 02 мая 2016
Источник: debian

Описание

fs/namespace.c in the Linux kernel before 4.0.2 processes MNT_DETACH umount2 system calls without verifying that the MNT_LOCKED flag is unset, which allows local users to bypass intended access restrictions and navigate to filesystem locations beneath a mount by calling umount2 within a user namespace.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
linuxfixed4.0.2-1package
linuxignoredjessiepackage
linuxnot-affectedwheezypackage
linux-2.6not-affectedpackage

Примечания

  • https://groups.google.com/forum/#!topic/linux.kernel/HnegnbXk0Vs

  • Proposed fixes: http://www.spinics.net/lists/linux-containers/msg30786.html

  • https://www.openwall.com/lists/oss-security/2015/04/17/4

  • CVE assignement for issue in http://marc.info/?l=linux-kernel&m=141271552117745&w=2

Связанные уязвимости

ubuntu логотип

CVE-2014-9717

CVSS3: 6.1
ubuntu
почти 10 лет назад

fs/namespace.c in the Linux kernel before 4.0.2 processes MNT_DETACH umount2 system calls without verifying that the MNT_LOCKED flag is unset, which allows local users to bypass intended access restrictions and navigate to filesystem locations beneath a mount by calling umount2 within a user namespace.

redhat логотип

CVE-2014-9717

redhat
больше 11 лет назад

fs/namespace.c in the Linux kernel before 4.0.2 processes MNT_DETACH umount2 system calls without verifying that the MNT_LOCKED flag is unset, which allows local users to bypass intended access restrictions and navigate to filesystem locations beneath a mount by calling umount2 within a user namespace.

nvd логотип

CVE-2014-9717

CVSS3: 6.1
nvd
почти 10 лет назад

fs/namespace.c in the Linux kernel before 4.0.2 processes MNT_DETACH umount2 system calls without verifying that the MNT_LOCKED flag is unset, which allows local users to bypass intended access restrictions and navigate to filesystem locations beneath a mount by calling umount2 within a user namespace.

github логотип

GHSA-325x-3w5r-2xgh

CVSS3: 6.1
github
больше 3 лет назад

fs/namespace.c in the Linux kernel before 4.0.2 processes MNT_DETACH umount2 system calls without verifying that the MNT_LOCKED flag is unset, which allows local users to bypass intended access restrictions and navigate to filesystem locations beneath a mount by calling umount2 within a user namespace.

suse-cvrf логотип

SUSE-SU-2016:1696-1

suse-cvrf
больше 9 лет назад

Security update for the Linux Kernel