|
|
Subscribe / Log in / New account

kernel: privilege escalation

Package(s):kernel CVE #(s):CVE-2014-4014
Created:June 19, 2014 Updated:June 25, 2014
Description: From discoverer Andy Lutomirski's description:

The bug is that, if you created a user namespace and retained capabilities in that namespace, then you could use chmod to set the setgid bit on any file you owned, including files with, say, group 0.

The impact depends on what files are available that have gids that shouldn't be available to the users who own the file. For example, the existence of a uid != 0, gid == 0 file would allow that uid to escalate privileges to gid 0, which is likely good enough for full root.

Alerts:
Oracle ELSA-2015-2152 kernel 2015-11-25
Mageia MGASA-2015-0077 kernel-rt 2015-02-19
Oracle ELSA-2014-3096 kernel 2014-12-04
Oracle ELSA-2014-3096 kernel 2014-12-04
CentOS 2014:X011 kernel 2014-10-01
Ubuntu USN-2336-1 linux-lts-trusty 2014-09-02
Ubuntu USN-2337-1 kernel 2014-09-02
Mageia MGASA-2014-0332 kernel-vserver 2014-08-18
Mageia MGASA-2014-0337 kernel-tmb 2014-08-18
Mageia MGASA-2014-0331 kernel-tmb 2014-08-18
Mageia MGASA-2014-0336 kernel-linus 2014-08-18
Mageia MGASA-2014-0330 kernel-linus 2014-08-18
openSUSE openSUSE-SU-2014:0985-1 kernel 2014-08-11
openSUSE openSUSE-SU-2014:0957-1 kernel 2014-08-01
Mageia MGASA-2014-0316 kernel 2014-08-05
Ubuntu USN-2287-1 linux-lts-saucy 2014-07-16
Ubuntu USN-2286-1 linux-lts-raring 2014-07-16
Ubuntu USN-2285-1 linux-lts-quantal 2014-07-16
Ubuntu USN-2289-1 kernel 2014-07-16
Mageia MGASA-2014-0273 kernel 2014-06-22
Fedora FEDORA-2014-7426 kernel 2014-06-22
Fedora FEDORA-2014-7430 kernel 2014-06-18
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds