ALT-PU-2014-2025-1
Package kernel-image-led-xen updated to version 3.15.10-alt4 for branch sisyphus in task 127533.
Closed vulnerabilities
Modified: 2024-11-21
CVE-2014-5206
The do_remount function in fs/namespace.c in the Linux kernel through 3.16.1 does not maintain the MNT_LOCK_READONLY bit across a remount of a bind mount, which allows local users to bypass an intended read-only restriction and defeat certain sandbox protection mechanisms via a "mount -o remount" command within a user namespace.
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a6138db815df5ee542d848318e5dae681590fccd
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a6138db815df5ee542d848318e5dae681590fccd
- [oss-security] 20140813 Re: CVE Request: ro bind mount bypass using user namespaces
- [oss-security] 20140813 Re: CVE Request: ro bind mount bypass using user namespaces
- 69214
- 69214
- USN-2317-1
- USN-2317-1
- USN-2318-1
- USN-2318-1
- https://bugzilla.redhat.com/show_bug.cgi?id=1129662
- https://bugzilla.redhat.com/show_bug.cgi?id=1129662
- https://github.com/torvalds/linux/commit/a6138db815df5ee542d848318e5dae681590fccd
- https://github.com/torvalds/linux/commit/a6138db815df5ee542d848318e5dae681590fccd
Modified: 2024-11-21
CVE-2014-5207
fs/namespace.c in the Linux kernel through 3.16.1 does not properly restrict clearing MNT_NODEV, MNT_NOSUID, and MNT_NOEXEC and changing MNT_ATIME_MASK during a remount of a bind mount, which allows local users to gain privileges, interfere with backups and auditing on systems that had atime enabled, or cause a denial of service (excessive filesystem updating) on systems that had atime disabled via a "mount -o remount" command within a user namespace.
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=9566d6742852c527bf5af38af5cbb878dad75705
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=9566d6742852c527bf5af38af5cbb878dad75705
- 110055
- 110055
- http://packetstormsecurity.com/files/128595/Linux-Kernel-3.16.1-FUSE-Privilege-Escalation.html
- http://packetstormsecurity.com/files/128595/Linux-Kernel-3.16.1-FUSE-Privilege-Escalation.html
- [oss-security] 20140812 CVE Request: ro bind mount bypass using user namespaces
- [oss-security] 20140812 CVE Request: ro bind mount bypass using user namespaces
- 34923
- 34923
- [oss-security] 20140813 Re: CVE Request: ro bind mount bypass using user namespaces
- [oss-security] 20140813 Re: CVE Request: ro bind mount bypass using user namespaces
- 69216
- 69216
- USN-2317-1
- USN-2317-1
- USN-2318-1
- USN-2318-1
- https://bugzilla.redhat.com/show_bug.cgi?id=1129662
- https://bugzilla.redhat.com/show_bug.cgi?id=1129662
- linux-kernel-cve20145207-sec-bypass(95266)
- linux-kernel-cve20145207-sec-bypass(95266)
- https://github.com/torvalds/linux/commit/9566d6742852c527bf5af38af5cbb878dad75705
- https://github.com/torvalds/linux/commit/9566d6742852c527bf5af38af5cbb878dad75705