Vulnerability CVE-2014-5206: Information
Description
The do_remount function in fs/namespace.c in the Linux kernel through 3.16.1 does not maintain the MNT_LOCK_READONLY bit across a remount of a bind mount, which allows local users to bypass an intended read-only restriction and defeat certain sandbox protection mechanisms via a "mount -o remount" command within a user namespace.
Severity: HIGH (7.2)
Fixed packages
Package name | Branch | Fixed in version | Version from repository | Errata ID | Task # | State |
---|---|---|---|---|---|---|
kernel-image-std-def | sisyphus | 3.18.21-alt1 | 6.1.87-alt1 | ALT-PU-2015-1794-1 | 149359 | Fixed |
kernel-image-std-def | p10 | 3.18.21-alt1 | 5.10.213-alt1 | ALT-PU-2015-1794-1 | 149359 | Fixed |
kernel-image-std-def | p9 | 3.18.21-alt1 | 5.4.274-alt1 | ALT-PU-2015-1794-1 | 149359 | Fixed |
kernel-image-std-def | c9f2 | 3.18.21-alt1 | 5.10.214-alt0.c9f.2 | ALT-PU-2015-1794-1 | 149359 | Fixed |
kernel-image-std-def | c7 | 4.4.93-alt0.M70C.1 | 4.4.277-alt0.M70C.1 | ALT-PU-2017-2509-1 | 191210 | Fixed |
kernel-image-un-def | sisyphus | 3.16.2-alt1 | 6.6.28-alt1 | ALT-PU-2014-2106-1 | 129235 | Fixed |
kernel-image-un-def | p10 | 3.16.2-alt1 | 6.1.85-alt1 | ALT-PU-2014-2106-1 | 129235 | Fixed |
kernel-image-un-def | p9 | 3.16.2-alt1 | 5.10.215-alt1 | ALT-PU-2014-2106-1 | 129235 | Fixed |
kernel-image-un-def | c10f1 | 3.16.2-alt1 | 6.1.85-alt0.c10f.1 | ALT-PU-2014-2106-1 | 129235 | Fixed |
kernel-image-un-def | c9f2 | 3.16.2-alt1 | 5.10.29-alt2 | ALT-PU-2014-2106-1 | 129235 | Fixed |
kernel-image-un-def | c7 | 3.16.3-alt1 | 4.9.277-alt0.M70C.1 | ALT-PU-2014-2173-1 | 130870 | Fixed |
usbip | sisyphus | 5.10-alt1 | 5.10-alt1 | ALT-PU-2023-1798-1 | 320453 | Fixed |
usbip | p10 | 5.10-alt1 | 5.10-alt1 | ALT-PU-2023-1903-1 | 320461 | Fixed |
References to Advisories, Solutions, and Tools
Hyperlink | Resource |
---|---|
https://github.com/torvalds/linux/commit/a6138db815df5ee542d848318e5dae681590fccd | |
[oss-security] 20140813 Re: CVE Request: ro bind mount bypass using user namespaces | |
https://bugzilla.redhat.com/show_bug.cgi?id=1129662 | |
USN-2317-1 | |
USN-2318-1 | |
69214 | |
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a6138db815df5ee542d848318e5dae681590fccd | |